Ordering food online for delivery was somewhat popular prior to the pandemic, but really took off during the pandemic when people wanted restaurant food without having to go to a restaurant. Many restaurants have taken advantage of this interest and set up websites to facilitate ordering food deliveries and companies such as DoorDash and GrubHub also take online orders for food deliveries from multiple restaurants. As could be expected scammers also are getting into the food delivery business although it would be more accurate to say that they got in the business of taking your online orders for food delivery, but deliver nothing except charges on your credit card. Scammers create websites for phony delivery services using names such as “Order Hero” and “Order Ventures” or they mimic websites of legitimate restaurants or delivery services and through manipulating algorithms used by search engines to rank websites may appear at the top of a Google Chrome or other search engine search. Trust me, you can’t trust anyone.
Scam of the day – December 19, 2022 – What to do When you Become a Data Breach Victim Over the Holidays
The federal government has warned business leaders to be ready for inevitable cyberattacks during the Christmas and New Year period. Many times in recent years, major cyberattacks and data breaches occurred over the holidays when businesses, government agencies and individuals are not paying as much attention to cybersecurity as they should be. According to the National Cyber Director Chris Inglis, “Historically we have seen breaches around national holidays because criminals know that security operations centers are often short-staffed , delaying the discovery of intrusions.”
If one of your friends received a Facebook friend request that appeared to come from you, it does not mean that your account was hacked. It does mean however that, most likely, your account was cloned in the sense that someone has set up a Facebook account or some other social media account in your name or a slight variation of it in order to trick people into trusting messages that they post, to lure them into scams or to trick them into clicking on links containing malware.
Protecting the privacy of your Social Security number is essential in order to protect yourself from identity theft. Identity thieves use a variety of pretenses to trick people into providing their Social Security numbers to scammers who can then use it as part of their efforts to steal your assets or get loans in your name that they don’t repay. Recently a savvy Scamicide reader received an official appearing notice through email that appeared to come from the Social Security Administration. The notice carried the logo for the Social Security Administration and read as follows: “We have noticed some unusual activity on your account and as a security measure we are required to deactivate your SSN services. This is not a permanent cancellation; you will be able to reactivate your account at any time. We apologize for any convenience this may have caused you. If you need any help with reactivating your account, please contact our customer service at 1(888) 623-2544.”
In 2019, the Los Angeles District Attorney issued a warning about the dangers of charging your phone at the USB chargers commonly found at airports, hotels and other public locations. A few years earlier cyber security company Kaspersky Lab issued a report detailing the dangers posed by the simple act of recharging your phone through someone else’s computer or at a public charging station. The problem stems from the fact that information is transferred between your smartphone and the charger as soon as you plug your cellphone into the computer or charging station you are using to recharge your cellphone.
Here is another good example of a phishing email that is presently being circulated. Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which will download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new. They are a staple of identity thieves and scammers and with good reason because they work. As always, they lure you by making it appear that there is an emergency that requires your immediate attention or else dire consequences will occur. Copied below is part of a phishing email presently being sent to unsuspecting people that appears to come from PayPal. It contains a PayPal logo which I did not show in this Scam of the day. Such logos may look legitimate, but are easy to counterfeit. The email attempts to lure you into calling a phony customer service number where you will be asked for personal information that will be used to make you a victim of identity theft.
Scams involving sales of non-existent puppies had already increased dramatically in the last few years, but really took off during the Coronavirus pandemic when many people were looking for the emotional support of a loving dog and the holiday season is bringing even more instances of puppy scams as people attempt to buy dogs as holiday gifts. People buy dogs or other pets online and, although they think they are taking proper precautions, they often end up getting nothing in return for the money that they wire to the scammer who may have a website or some other way of marketing their non-existent pets with photographs and false information.
The popularity of Netflix makes it a preferred subject for phishing emails sent to people appearing to come from Netflix in which you are told you need to update your credit card information or asking for other personal information. Reproduced below is a copy of an email received by a Scamicide reader. The email looks somewhat legitimate although the salutation of “Hi Customer” is pretty much an indication that this is a scam. The Netflix logo appears on the email, but it is easy to counterfeit the Netflix logo and make the email appear to be legitimate when it is not. Two things can happen if you click on the links in the email. Either you will be directed to a phony but legitimate looking website where you will be prompted to input your credit card information and thereby turn it over to an identity thief or, even worse, merely by clicking on the link, you will download keystroke logging malware that can steal all of the information from your computer and use it to make you a victim of identity theft.
According to the Federal Trade Commission (FTC) consumers lost 148 million dollars to scams in which gift cards were used as the payment method last year and this number has increased each year since 2018. . Scammers are big fans of gift cards because they are easy to purchase, easy to send to the scammer and impossible to trace to the scammer. It is not even necessary for the scammer to be in possession of the actual gift card to use it. Sending the gift card numbers or taking a picture on your phone and transmitting it to the scammer is sufficient for the scammer to use the gift card to buy things that can then be sold and converted into cash.
According to the FBI, which has warned about the increasing frequency of job scams, the scammers often first set up a phony website that appears to be that of a legitimate company with which you might be familiar. They then post the phony job opportunity on legitimate job sites and direct the job applicants to the phony website These scammers will do interviews of prospective employees in much the same way that real companies do to make their scam appear legitimate, however, unlike legitimate job interviews, the interviews done by scammers are generally relatively short and don’t require repeated interviews before the targeted victim of the scam gets “hired.” At that point, the scammer then requests personal information such as your Social Security number which a legitimate employer would also do which is one reason this scam is so dangerous. They also may ask for money or your credit card number to pay for background investigations or equipment for the company which legitimate businesses do not do.
Since it began in 2003, the National Do Not Call list has grown to include more than 246 million phone numbers. When you register your phone number with the Do Not Call list it becomes illegal for telemarketers to contact you by phone. The Do Not Call list does not apply to charities so you still may be contacted by charities even if you have registered for the Do Not Call list. However, when you receive a call from someone purporting to be representing a charity, you can never be sure who is really calling so you should never give your credit card number to someone who calls you allegedly from a charity. If you are interested in a particular charity, contact the charity directly to make your contribution.
Timeshares are a legitimate vacation option for many people with about 9.6 million Americans owning timeshares. However, resales have often been difficult for timeshare owners and scammers have been preying upon timeshare owners trying to sell their interests with promises of buyers that never materialize after charging the timeshare owners upfront fees of sometimes thousands of dollars. Part of the problem is that the timeshare resale firms are largely unregulated although the Federal Trade Commission (FTC) has brought a number of lawsuits against timeshare resale companies for false and misleading marketing. Many older timeshare owners are specifically targeted by scammers through the mail, telemarketing and seminars in which they promise easy sales and big profits. Most of these companies charge upfront fees of between $2,500 and $10,000. Many of them provide a money back guarantee, but the guarantee of a scammer is worthless. Recently the FTC sued a company called Consumer Protection Law which the FTC alleges targeted older Americans through mailers here they invited them to in-person presentations where the company is alleged to have used high pressure tactics to get people to sign up for their services which cost between $5,000 an $80,000. Unfortunately, according to the FTC Consumer Protection Law rarely followed through on their promises.
The popularity of online shopping has brought a dramatic increase in the number of packages delivered by companies such as UPS and Federal Express. The popularity of online shopping has also resulted in a new term entering the lexicon, namely, “porch pirate,” which is the name given to criminals who cruise through neighborhoods looking for packages to steal that have been left on the doorsteps of homes by delivery services. It has been estimated that more than 25 million Americans will have packages stolen from their front doorsteps during the holiday shopping season. Fortunately, there are a number of steps you can take to protect yourself from becoming a victim of this crime.
The FIFA World Cup tournament is in full swing in Qatar. This is the most popular sporting event in the world. With an estimated half of the world’s population eagerly watching the FIFA World Cup tournament it should come as no surprise that this event has spawned numerous scams and identity theft schemes concocted by criminals around the world. Security researchers at the company Group-IB found 16,000 phony websites using counterfeit FIFA World Cup 2022 branding. They also found 40 fake apps in the Google Play Store related to the FIFA World Cup 2022.
Credit card debt which often carries an interest rate that is so high it could cause a nose bleed is a concern for many people and, as always, anything that concerns many people is something that scammers are interested in. Recently the Federal Trade Commission (FTC) filed a complaint and obtained a preliminary injunction shutting down ACRO Services and its related companies that the FTC claimed was operating a deceptive credit card debt relief scam in which ACRO claimed it could clean up your credit card debt in return for an enrollment fee of thousand of dollars plus additional monthly fees. Unfortunately, ACRO and its affiliated companies offered nothing of value. Making matters worse, they advised their customers to stop making monthly payments to their credit card companies and to stop all communications with their credit card companies which merely led to higher credit card balances, additional credit card interest, lower credit scores and even lawsuits by the credit card companies for failure to pay in some instances.
The scam involves the Google Voice/Google Phone service which is a free phone number provided to you by Google. Calls to that number are forwarded to your cell phone. In order to set up a Google Phone number you need to provide your phone number for verification purposes. Google then texts or calls you with a 6 digit code that you must enter online to finish the process. The good new is that if you fall for the scam and send the 6 digit code to the scammer, you won’t lose any money, however, you can be sure that a scammer will be using your phone number to perpetrate scams and hide his or her tracks.
Shopping on Amazon is extremely popular both with consumers and scammers seeking to exploit Amazon’s popularity. I have warned you many times over the years about scammers who send various types of phishing emails which purport to be from Amazon attempting to lure you into either clicking on links which can download malware, such as ransomware or providing personal information that can be used to make you a victim of identity theft. The email below is typical of those presently circulating. This latest Amazon phishing scam starts with an email that appears to come from Amazon informing you that your account has been locked due to some unspecified “billing issue.” Anyone receiving such an email would certainly be concerned that their account and might be lured into clicking on the link provided to verify their identity. Phishing emails often try to entice people into providing sensitive personal information that can be used for purposes of identity theft or to click on links that may either ask you for personal information or merely by clicking on the link you may download harmful malware.
Scam of the day – November 30, 2022 – FTC Sending Further Refunds to Victims of Career Information Scammer
In 2021, the FTC settled its claims against Career Education Corp. (CEC) and as a result is now sending refunds totaling thirty million dollars to victims of CEC’s scams. CEC bought leads from companies that constructed bogus websites to attract people looking for information about jobs, how to enlist in the military and Medicaid information. CEC would then use that information to contact them and made high-pressure sales calls to induce people to enroll in their schools that would not provide the services they desired. According to the FTC, CEC used telemarketers to make aggressive enrollment pitches to people who had signed up for the federal Do Not Call List.
While the instances of coronavirus (COVID-19) infections are nowhere near their levels during the height of the pandemic, the virus is still with us and still poses a public health threat. Unfortunately, unscrupulous companies are marketing bogus COVID cures and treatments that are totally ineffective. In the last couple of years I have reported on the efforts of the Federal Trade Commission (FTC) and the Food and Drug Administration (FDA) to stop scammers from preying on the fears of people by selling them worthless or even harmful phony cures and treatments. Recently the FTC sued Precision Patient Outcomes and its CEO, Margrett Priest Lewis for marketing dietary supplements consisting of just some vitamins, zinc and a flavonoid as an effective treatment for COVID-19 although, according to the FTC, there is no scientific evidence that their supplement offer the slightest help against COVID-19.
The FBI has warned about what it calls E-Skimming which occurs when criminals infect the websites of businesses and government agencies with malware that allows the criminal to steal credit card and debit card information and then use it to make charges using the victim’s credit card or debit card. With much of the holiday shopping season expected to be done online, the instances of E-Skimming can be expected to increase.
Everyone loves coupons and like many things in our lives, coupons which used to be found commonly in newspapers and magazines have migrated online. As I have warned you many times in the past, Facebook has become a hotbed for phony online coupons. The phony coupons looks quite legitimate which means nothing because it is very easy to copy the company logos and make the coupons appear to be genuine. The way that many phony coupon scams work is that in order to qualify for the coupon, you must complete a survey in which you are required to provide much personal information that is used to make you a victim of identity theft. In other versions of the scam, the scammer actually asks for your credit card numbers. In yet another version of the scam you are required to buy costly items in order to claim your “free” coupon. Many of the coupon scams also require you to forward the coupon to friends which make the phony coupons look more legitimate when they are received by your friends. Ultimately, in all of these scams, the coupons are worthless and you get nothing but the opportunity to become a victim of identity theft.
Fans of the old horror movie Poltergeist 2 remember the classic line “They’re back” and so it is with the classic Secret Sister scam which returns each holiday season. I first reported to you about this scam in 2015. It seems harmless enough when you see it come up in your email or on social media, such as Facebook or Twitter where it has increasingly been found lately. It is often titled the “Secret Sister Gift Exchange.” Commonly it provides you with a list of six people and you are told to send a gift worth at least ten dollars to the first person on the list, remove that person’s name from the list, move the second person on the list to the first position, add your name to the end of the list and then send the list to six of your friends. In theory, you will receive thirty-six gifts for your small contribution of ten dollars.
The Federal Trade Commission (FTC) recently sued DK Automation, LLC and its principals, Kevin David Hulse and David Arnett alleging they promised huge returns to trick people into buying business opportunities and training programs through which they said they would teach you how to operate fantastically profitable stores on Amazon. According to the FTC, those claims were deceptive or outright lies and most people who bought the programs never made any profit and often lost money. According to the FTC DK Automation also sold bogus cryptocurrency investment training programs for as much as $85,000 that also were worthless.
Impostor scams have long been among the most lucrative for scammers. While there are many variations of this scam, the most common variations have involved scammers calling their intended victims on the telephone posing as some governmental agency such as the, FBI, IRS or the Social Security Administration. The scammer then, under a wide variety of pretenses, demands an immediate payment by gift cards, credit card or wired funds. Being asked to pay by gift cards is a definite indication that the call is a scam since no governmental agency requests or accepts payments by gift cards. Alternatively, the scammer demands the victim supply the phony governmental agent with personal information such as your Social Security number which will then be used for identity theft purposes.
Up until a few days ago, FTX was a very popular cryptocurrency exchange that attracted an estimated million investors. It was touted on television commercials by many celebrities including Tom Brady, Gisele Bundchen, Steph Curry, Shacquille O’Neal, Naomi Osaka and even Larry David in a Super Bowl commercial earlier this year. Unfortunately, FTX recently filed for bankruptcy and is being investigated for numerous fraud charges including accusations that it was nothing more than a Ponzi scam. Desperate investors are now being targeted through emails and phony Department of Justice websites that claim that after paying legal fees, the FTC customers would be able to withdraw all of their funds. This is nothing more than a scam intended to lure people into paying for worthless services. The filing of bankruptcy by FTX froze their assets and customers are not able to access their accounts at this time.
In 2018 I told you that the Federal Trade Commission (FTC) and the New York Attorney General brought legal action against Hylan Asset Management and its owners Andrew Shaevel and Jon E. Purizhansky alleging that they attempted to collect on phantom, non-existent debts even after some of the people they contacted provided records proving they did not owe the money alleged. The case was settled in 2019. As a condition of the settlement, the defendants were permanently banned from the debt collection business and agreed to pay a fine which was used to refund money lost by victims of the scam. Payments first went out to the victims in October of 2021 and now a second round of checks is being sent to victims of the scam.
Electronic greeting cards have become very popular and with good reason. Even if you don’t remember a birthday or delay sending a holiday card until the last minute, you can send an electronic greeting card, often for free, and have it delivered immediately. Many electronic greeting cards are quite creative with videos and music, as well. But, unfortunately, you can always count on scam artists and identity thieves to try to spoil anything and electronic greeting cards are no exception. The scam starts when you get a phony electronic greeting card that requires you to click on a link to read the card. If you click on one of these phony greeting cards, you may end up downloading a keystroke logging malware program that will steal all of the information from your computer and end up with you becoming a victim of identity theft or alternatively you may download dangerous malware such as ransomware.
In the Scam of the day for February 2, 2021 I told you about that the Federal Trade Commission had settled claims against Seed Consulting LLC after the FTC had filed a complaint against the company for charging consumers between $3,000 and $4,000 merely to apply on their behalf for multiple credit cards with total credit lines of more than $50,000, a practice referred to as “credit card stacking.” The credit cards were then used to pay for expensive and generally useless training programs that purported to train aspiring entrepreneurs seeking to start businesses or to become successful real estate investors.
Pursuant to the terms of the settlement, Seed Consulting LLC paid 2.1 million dollars to the FTC which in September of 2021 sent refunds to the victims of the scam. Now because there is still undistributed funds, the FTC is sending second checks to victims of the scam who already had received checks in 2021. For more information about the refund program go the tab marked “FTC Scam Refunds” in the middle of the first page of http://www.scamicide.com.
If you are shopping in a brick and mortar store Friday or any other day throughout the year, you should use a credit card rather than a debit card because of the possibility of skimmers which are small devices being used by criminals working as sales clerks that will capture your credit card number which will then be used to make fraudulent purchases. Whenever possible you should use your chip credit card because it is not susceptible to skimmers, however, some retailers still don’t use chip technology so your credit card’s vulnerable magnetic strip will be used to process the purchase which makes it more susceptible to being hacked by a criminal. As for using your credit card rather than your debit card, it is important to remember that while your liability for fraudulent use of your credit card is limited by federal law to no more than $50, your liability for fraudulent use of your debit card which is tied to your bank account is unlimited if you do not promptly discover and report the fraud which is why you should always use your credit card for shopping rather than your debit card.
A number of phony websites and postings on social media are offering personalized letters from Santa Claus that you can purchase for your children. Unfortunately, while the spirit of Santa Claus is real, many of the companies offering these letters from Santa are not and all that you end up doing is turning over your credit card number to a scammer who then uses it to make fraudulent purchases while you receive no letter from Santa Claus or even the Grinch. There are some legitimate companies offering letters from Santa for a fee, but it is important to check them out thoroughly before hiring their services. An easy first step to do that is to merely Google the name of the company with the word “scam” and see what comes up.
Earlier this year, the FBI warned parents about adult predators, often posing as young girls, contacting teenage boys on a variety of online platforms such as games or social media and then convincing the teenage boys to engage in explicit sexual activity while unbeknownst to the teenaged boy, the predator is recording it. The scammer then reveals to the teenager that the scammer has the recording and threatens to post it online unless a substantial payment is made. More recently the Montgomery County Alabama District Attorney issued a similar warning after observing an increase in incidents.
Scams involving utility bills for electric, water or gas services have long been popular with scammers. Utilities United Against Scams, a consortium of more than 100 American and Canadian utility companies has designated November 16th as National Utility Scam Awareness Day. In one common utility scam, potential victims receive telephone calls purportedly from their utility company informing them of a special company promotion for which they are eligible. They just need to provide some personal information.
Recently the Topeka, Kansas Police issued a warning about an increase in phone scams in which the caller poses as a law enforcement officer who tells the targeted victim of the scam that the targeted victim of the scams is in contempt of court or has issues with the registration of his or her car. The scammer then goes on to tell the targeted victim that the any criminal charges will be dropped if the targeted victim makes a payment either By Zelle or by sending gift card information. While this warning was from the Topeka Police, this scam has been widely reported around the country.
Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which will download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new. They are a staple of identity thieves and scammers and with good reason because they work. As always, they lure you by making it appear that there is an emergency that requires your immediate attention or else dire consequences will occur.
Recently a federal grand jury in Puerto Rico returned indictments of eight people accused of operating a debit card scam in which they visited elderly clients of a local bank posing as either federal agents or officers of the bank and told their victims that their bank accounts had been compromised by identity thieves. They then told their victims that in order to remedy the problem, they needed their victims to provide their debit cards to the scammers as well as tell the scammers their PINs. The victims who fell for the scams had their debit cards used by the scammers to steal more than $619,000.
The message will have a link and what appears to be a video, which many people would be tempted to click on out of a concern that the video may be significant, however, when you click on the link, you are taken to a phony Facebook login page. If you fall for the scam and type in your username and password, you will have turned over control of your Facebook account to a criminal. When a criminal gains access to your Facebook account, it enables him or her to be able to send out a wide variety of malware infected posts and messages that will appear to come from you and therefore be more likely to lure your unsuspecting friends into clicking on the links in the posts and messages thereby downloading a wide variety of dangerous malware such as ransomware or keystroke logging malware that can lead to identity theft.
I have warned you a number of times in the past about the danger of identity theft that occurs when criminals steal your mail from your mailbox. Among the dangers of mail theft are criminals gathering personal information contained in your mail to set up accounts in your name or getting your credit card bill and using the information in your bill to access your credit card. However, sometimes the criminals don’t even have to steal your mail, they can get the United States Postal Service USPS) to deliver your mail directly to the criminal by submitting a change of address form with the post office on your behalf either in person or online that results in your mail being sent directly to the criminal.
Geek Squad is a subsidiary of big box store chain Best Buy and it offers excellent tech support for electronic devices including televisions and computers. They are a popular company used by many people. The Federal Trade Commission (FTC) recently warned that lately scammers have been sending phishing emails that appear to be Geek Squad invoices. In February 12th’s Scam of the day These emails look like a legitimate email from Geek Squad, although the grammar in many of these emails is not particularly good which is one of many indications that it was a scam. These types of phishing emails are intended to lure you into contacting the scammers where you will be prompted to provide information that will lead to your becoming a victim of identity theft.
Scammers and identity thieves view the open enrollment period as senior citizen hunting season as myriads of Medicare scams are common during this time. Seniors may be contacted by someone purporting to be from their insurance company asking them to verify information. This is a common tactic of identity thieves trying to trick their victims into providing information. They also may be contacted by people claiming to have supplemental insurance programs that will save them thousands of dollars. Here too, you cannot be sure that they are legitimate when they contact you by phone, text message, email or even regular mail. In addition, scammers send phishing emails that appear to come from your employer asking you to review and approve your health care benefit and then lure you into clicking on malware infected links or providing personal information that can lead to your becoming a victim of identity theft.
The latest Facebook phishing scam starts with an email that appears to come from Facebook informing you that your password has recently been reset. You are then directed to a link to click on if you did not reset your password (which, of course, you have not). The log-in page looks legitimate, but it is not. It is a scam and if you provide this information, it will lead to identity theft and your Facebook account being taken over or, even worse, merely by clicking on the link, you will have downloaded dangerous malware.
Recently an Ohio man responded to an ad for a work at home job and he was sent a legitimate appearing check for $3,000 that he was instructed to deposit into his bank account and then wire three payments totaling $2,300 to accounts that were related to his work and keep the remaining $700 for himself. The scam victim followed his instructions, but the check sent to him was counterfeit and bounced leaving him out the $2,300 he sent from his account.
Criminals around the country are increasingly stealing mail with checks in them from U.S. Postal Service mailboxes, “washing” the checks with simple nail polish remover to remove the name of the person or company to whom the check was made out and then writing in their own name. In other instances, the criminals will also change the amount of the check. In recent years Boston and New Orleans, for example, had large numbers of such mailbox thefts of checks that were then altered and cashed.
The FBI recently issued a warning to college students about job scams targeting college students. While sometimes these phony job scams are found in online advertisements, in many instances the scammers contact the students directly by email with a job offer. When the student accepts, the scammer sends an official appearing check to the student who is told to deposit the check into the student’s bank account. The check is actually made out in an amount more than what was agreed to be paid to the student and the student is instructed to wire the extra funds back to the company. Of course, the check is counterfeit and ultimately bounces, however, the money that the scammed student wires to the scammer from his or her bank account is lost forever. Often the excuse for the check in an amount more than the student is to be paid is justified by the student being told to wire the money to a vendor for supplies or necessary software.
Soon we will be celebrating Veterans’ Day, a day we set aside to honor those who have served our country and to whom all Americans owe a debt of gratitude. However, for scam artists, Veterans’ Day is just another opportunity to take advantage of the best intentions of people and steal their money. In 2020, the Senate Committee on Aging held hearings in which they inquired about scams targeting veterans and members of the military. One witness testified at the hearing that veterans are twice as likely to be scammed than the general population.