Search Scams
Scam of the day – October 31, 2025 – Dual Factor Authentication Scam
Recently scammers have been sending text messages that appear to come from a company with which you do business informing you that there has been suspicious activity on your account and that you need to confirm your identity or else your account will be locked. You are then told that in order to do so, you will receive a text message with a code that you should, in turn, text back as a reply to the scammer. Unfortunately, what is actually happening is that the scammer has already managed to obtain your password and has just tried to log in to your account which is protected by dual factor authentication, so if you do send the code to the scammer, you will have defeated dual factor authentication and enabled the scammer to access your account.
Scam of the day – October 30, 2025 – Copy of Your Deed Scam
Having an actual copy of your deed is not very important once it has been recorded in the local Registry of Deeds, however it is still a good record to keep. However, obtaining a copy of your deed on your own from your local Registry of Deeds is both simple and rarely costs more than a few dollars at the most. The problem with this particular scam is that technically, it may be legal in the sense that they are offering to obtain a copy of your deed for you for a fee and there is nothing illegal about that. However, the emails and letters you receive offering this service are usually confusing and misleading which is why I consider them to be a scam.
Scam of the day – October 29, 2025 – New Sophisticated PayPal Scam
This new scam starts with an email, reproduced below that apears to come from a legitimate PayPal email address. Often scammers use botnets of infected computers to send out such phishing emails so that the email address of the sender clearly shows it is not coming from the real company the scammer is posing as. However, in this instance the scammers use special software programs that allow them to “spoof” a legitimate PayPal email address even though the phishing email is not coming from PayPal. The subject line indicates “Set up your account Profile” while the email itself refers to a charge that you have not made. Often PayPal phishing scams provide fake links and telephone numbers to use to dispute phony claims with the intention of gathring information from you to facilitate access to your account.
Scam of the day – October 28, 2025 – Another Major Health Care Data Breach
An analysis of the health care breach data base maintained by the Department of Health and Human Services done by Security Week indicated that in 2024 there were 720 data breaches affecting as many as 186 million people. And just this week we learned of a data breach at medcial imaging provider Simon Med Imaging that compromised the data of 1.2 million people. While the data breach was only disclosed this past week, the hacking occured between January 21st and February 5th of this year. SimonMed has not indicated precisely what information was taken other than the names of its patients, but it is thought to have included much sensitive informaiton that could result in identity theft. The Medusa ransomware gang announced on its Dark Web portal in February that it had hacked SimonMed Imaging and leaked some of hte stolen data as proof of their claim. At that time Medusa demanded a million dollar ransom payment. While the company has not confirmed any payment, the fact that Medusa no longer lists the data breach on its site is a good indication that the ransom was paid.
Scam of the day – October 27, 2025 – Phony Sirius XM Invoice Scam
The copied email below was provided by a longtime Scamicide reader attempts to lure you into clicking on a link in order to renew an expired satellite radio Sirius XM account for free which right away should be a red flag that this is a scam. As always, the purpose of a phishing email is to lure you into clicking on links contained within the email or providing personal information. If you click on links in phishing emails, you end up either downloading malware or providing information used to make you a victim of identity theft.
Scam of the day – October 26, 2025 – Gas Pump Skimmers Continue to be a Problem
MasterCard and Visa announced in December of 2016 that the deadline for the installation of EMV chip card readers on gas pumps was being delayed three years to October 1, 2020. This deadline was further delayed due to the Coronavirus pandemic to April 17, 2021 at which time less than half of the gas pumps in the United States complied with the requirement to install EMV chip card readers. And although that deadline has long since passed, due to the cost involved, many gas pumps still are not enabled for your chip credit card. It has been estimated that about 40% of gas pumps still have not been updated with EMV chip card readers, leaving them susceptible to skimmers.
Scam of the day – October 25, 2025 – Income Tax Implications of Being Scammed
Prior to 2017 if a scammer convinced you to take money out of your retirement accounts and send the funds to the scammer, you could get a theft and loss deduction to ease the sting just a bit. However, with the passage of the Tax Cuts and Jobs Act in 2017, the rules were changed such that you can only take a decution under Internal Revenue Code Seirc secction 165 for your scam losses only if the transaction was entered into for a profit such as when you are a victim of an investment scam. However, for imposter scams, romance scams, tech support scams and more, you are not able to deduct your losses and if you took the money out of your retirement account to pay the scammer, the results are even worse because the full amount of your withdrawal unless it was from a tax-free Roth IRA will be fully subject to income tax and if you are under the age of 59 1/2 the IRS adds its standard early withdrawal penalty.
Scam of the day – October 24, 2025 – Google Voice Scam
The scam involves the Google Voice/Google Phone service which is a free phone number provided to you by Google. Calls to that number are forwarded to your cell phone. In order to set up a Google Phone number you need to provide your phone number for verification purposes. Google then texts or calls you with a 6 digit code that you must enter online to finish the process. The good news is that if you fall for the scam and send the 6 digit code to the scammer, you won’t lose any money, however, you can be sure that a scammer will be using your phone number to perpetrate scams and hide his or her tracks.
Scam of the day – October 23, 2025 – Lottery Scams
Lottery scams are one of the most prevalent types of scams and scammers cheat people out of millions of dollars each year by tricking people into sending money to the scammers after being told that they have won a lottery, but are required to pay some fees or taxes in order to collect their prize. According to the Federal Trade Commission (FTC) Americans lost $351 million to lottery scams last year. It is hard to win any lottery. It is impossible to win one that you have not even entered and yet scam artists, the only criminals we refer to as artists have found that it is extremely lucrative to scam people by convincing them that they have won various lotteries.
Scam of the day – October 22, 2025 – LinkedIn Job Scams Getting Worse
A recent development is scammers using the name of legitimate companies that are hiring and approaching their victims through LinkedIn’s direct messaging feature. They then create counterfeit websites that look like the websites of the legitimate companies they are posing as and ask the job seekers for personal information as part of the hiring process before holding a job interview by Zoom. The personal information which may include the job seeker’s Social Security number is used for purposes of identity theft. They also may ask for money or your credit card number to pay for background investigations or equipment for the company which legitimate businesses do not do. In other instances, the job seeker is required to pay for equipment or training which the scammer promises to reimburse, but, of course, the money is never paid back. Making the problem even worse is the use of AI to make the photos and websites even more legitimate appearing.
Scam of the day – October 21, 2025 – New Supreme Court Imposter Scam
A sophisticated new version of the imposter scam is presently circulating that begins with a fake snail-mail letter that appears to come from the Supreme Court and carries the forged signatures of Chief Justice John Roberts and Associate Justice Sonia Sotomayor. The stationary appears legitimate and carries the seal of the Supreme Court, but it is a simple matter to counterfeit the stationary and seal. The letter, which is personally addressed to each targeted victim informs the targeted scam victim that he or she is a suspect in a criminal investigation and also claims that their Social Security number has been compromised. The letter goes on to say that the targeted victim’s assets will be frozen and urges the targeted victim to cooperate with the U.S. Treasury Department. The letter closes with a threat of failure to cooperate in the safeguarding of assets will result in their loss as well as having their Social Security number suspended.
Scam of the day – October 20, 2025 – Lending Company Data Breach Affects 17.6 Million Accounts
Prosper Marketplace, Inc is a peer to peer lending platform that enables people to borrow money directly from investors rather than go through traditional banks. Prosper has been around since 2005 and facilitates loans of between $2,000 and $50,000. Prosper recently disclosed that it had suffered a massive data breach affecting 17.6 million accounts. Among the compromised data were names, birth dates, email addresses, Scial Security numbers and more. This information can readily lead to identity theft. Prosper has indicated that it is still investigating the data breach, but will be offering free credit monitoring at a later date.
Scam of the day – October 19, 2025 – U.S. Government Sanctions Cambodian Organization Over Pig Butchering Scams
Earlier this week, the federal govenrment scantioned Prince Group, a Cambodian conglomerate after desginating it a transnational criminal organization. These sanctions prevent American companies and individuals from doing business with it. At that same time, its leader Chen Zhi was indicated by the Justice Department over his companies involvment with many scams, including pig butchering scams. Fifteen billion dollars worth of Bitcoin of ChenZhi was also seized. I have written many times since 2019 about pig butchering scams and their relationship to romance scams.
Scam of the day – October 18, 2025 – Delivery Text Message Scam
Today’s version of a delivery scam involves a phishing email sent by a Scamicide reader, reproduced below made to look like a tracking order which are sent in large numbers to people with the hope and expectation that people expecting a delivery will fall for the scam. If you click on the “Track my order,” “Click to review,” or “Click to view” links you will either be lured into providing personal information that will lead to identity theft or even worse, merely by clicking on the links you will download dangerous malware. I have disabled the links in the email below. If you had hovered your mouse over the links you would see that the address it would be taking you to a site that had nothing to do with any of the major delivery companies such as Federal Express or UPS.
Scam of the day – October 17, 2025 – Hacking Into Your Bank Account Using Voice Cloning Technology
Due to now widely available AI voice cloning technology, it can be a simple matter for an identity thief to clone your voice from social media or anywhere else your voice appears and use it to access your bank account if you are using voice verification at your bank. The susceptibility of voice verification technology to AI voice cloning has been proven by tech researchers in numerous instances.
Scam of the day – October 16, 2025 – Probate Estate Scams
The death of a family member or loved one is always difficult and scammers take advantage of the emotional vulnerability of families at this time by contacting them after a probate has been started to settle the estate of the deceased. Scammers troll the probate court records for estate filings which can be done online and harvest the names of the deceased, the names of the heirs of the estate and assets that make up the estate. All of this information is publicly available in the records of the probate court. The scammers then use this information to craft believable scams in which the scammers pose as attorneys and debt collectors demanding payments for non-existent debts. They threaten legal action if they are not paid immediately and often demand payment by wire transfers, cryptocurrencies or gift cards. Phone calls may appear to come from actual companies that the deceased may have done business with because the scammers can “spoof” those numbers so your Caller ID makes it appear as if the call is coming from the legitimate company rather than actual number from which the scammer is using to make the call.
Scam of the day – October 15, 2025 – Pastor Gift Card Scam Continues to Claim Victims
I first warned you about this particular scam in 2017, but it has recently resurfaced in many places around the country. Most recently parishioners of the Nativity Lutheran Church in Bend, Oregon received emails that appeared to come from their Pastor, Chris Kramer in which they were asked to buy Target gift cards and provide the numbers of the gift cards to the phony Pastor Kramer to help with a “delicate” situation. The email contained the photo of the pastor and was written in a manner that closely followed his writing style. The scammers may have been aided by AI in doing so. This wasn’t even the first time this type of scam had targeted parishioners of the church. A similar less sophisticated version of the email was done five years ago.
Scam of the day – October 14, 2025 – Facebook Cloning Continues to be a Problem
If one of your friends received a Facebook friend request that appeared to come from you, it does not mean that your account was hacked. It does mean however that, most likely, your account was cloned in the sense that someone has set up a Facebook account or some other social media account in your name or a slight variation of it in order to trick people into trusting messages that they post, to lure them into scams or to trick them into clicking on links containing malware.
Scam of the day – October 13, 2025 – Halloween Costume Scam
Celebrating Halloween has become a major event in recent years with many adults searching for elaborate costumes and of course whenever many people are interested in something, scammers appear ready to take advantage of that interest. Scammers have set up phony Halloween costume websites, often posing as legitimate costume websites. Often the ads for their phony websites are posted on social media as well as appearing high in search engine searches because the scammers either purchase an advertisement in order to get a high position in a search engine search or because they are skilled enough to manipulate the algorithms the search engines use to obtain a high ranking.
Scam of the day – October 12, 2025 – Credit Union Warns About Text and Phone Imposter Scams
The VacationLand Federal Credit Union in Ohio is warning people about scammers posing as the bank calling and texting people, telling their targeted victims that there have been suspicious charges made to their account and when the targeted victim says that they did not make the charge, the scammer offers help resolving the problem. In a relatively new development in this type of scam, the scammers tells the targeted victim that it is suspected that the bank’s branches have been compromised by a rogue employee and therefore the targeted victim should not go to the bank to deal with the situation, but rather should download an app they provide or give the scammer account number information, password information, passwords or the answer to the targeted victim’s online banking security question.
Scam of the day – October11, 2025 – Toll Text Message Scam Continues to Claim Victims
Times have changed, but not that much. In 2021 I first told you how this scam had moved to text messaging rather than emails. Phishing text messages are called “smishing.” Again, the text message indicates that the account is overdue and provides a link to a fraudulent page where victims of the scam provide their credit card information to the scammers. The text message version of this scam became more widespread in 2024 as scammers used phishing kits available for purchase on the Dark Web to create realistic text message scams that appear to come from your state’s E-Z pass system. Recently Colorado issued a warning about this scam increasing in that state.
Scam of the day – October 10, 2025 – PayPal Resolution Center Scam
Today’s Scam of the day is one that has been around since 2018, but is resurfacing, as many scams do. It starts with a phony email purporting to be from PayPal that indicates that PayPal is investigating a payment reversal due to your receiving an unauthorized payment due to a transaction error. You are directed in the email to click on a link to login and access your PayPal Resolution Center. Don’t do it! Clicking on the link will take you to a phony PayPal website that will lure you into providing your password and other personal information that will lead to identity theft.
Scam of the day – October 9, 2025 – Canadian Family Loses $200,000 to Investment Scams
Last year Galina Bailey and her husband decided to invest their savings. Unfortunately, rather than consider established, legitimate investment advisers and companies they chose their invstment adviser through a post they saw on social media. When they realized after a few months that they had been scammed they turned to a lawyer to help them, but again she turned to social media, choosing a UK based lawyer she found on Facebook rather than checking through legitimate lawyer referral services and ended up losing more money.
Scam of the day – October 8, 2025 – Phony Parking Ticket Scam
For a year municipal authorities in San Francisco have warned about scammers putting phony, but legitimate appearing parking tickets on the cars of people. The phony parking tickets contain a QR code that takes you to a bogus, but legitimate appearing website where you are prompted to pay the ticket. Making things worse,if you fall for this scam, you are likely to lose more money than the amount of the phony parking fine because you have turned over your credit or debit card number to the scammers to use as they see fit. While this scam seems to have originated in California, it is spreading throughout the country.
Scam of the day – October 7, 2025 – ParkMobile Class Action Settlement
ParkMobile the popular mobile and web parking payment platform suffered a data breach in 2021 resulting in personal information of 22 million of its users being compromised and then leaked on a Dark Web hacking forum making the information available to anyone accessing the site. The data stolen included names, cell phone numbers, email addresses, mailing addresses, license plate numbers and vehicle information. A class action was filed by victims of the data breach and last week ParkMobile sent out emails notifying the affected members of the class that they would be receiving the princely sum of one dollar through a $0.25 discount on ParkMobile’s service fees for four uses. In addition, except in California where such a provision is illegal, victims of the data breach must use the credit by October 8, 2026. In order to use the credit you need to manually add it to your account using the discount code of P@rkMobile-$1 under Payment-Discounts before starting a session.
Scam of the day – October 6, 2025 – Chinese “Goddess of Wealth” Convicted in UK of Operating a Massive Ponzi Scheme
Zhimin Qian, the self-proclaimed "Goddess of Wealth" was convicted this week in the UK on money laundering charges related to a massive Ponzi scheme that she operated in China between 2014 and 2017 that cost her 128,000 victims $6.7 billion. Qian claimed that she was...
Scam of the day – October 5, 2025 – Gift Cards Are A Scammers Best Friend
Scammers are big fans of gift cards because they are easy to purchase, easy to send to the scammer and impossible to trace to the scammer. According to the FTC, consumers lost 228 million dollars to gift card scams last year. It is not even necessary for the scammer to be in possession of the actual gift card to use it. Sending the gift card numbers or taking a picture on your phone and transmitting it to the scammer is sufficient for the scammer to use the gift card to buy things that can then be sold and converted into cash.
Scam of the day – October 4, 2025 – New Hampshire Attorney General Warns About Job Scams
Job scams are fertile ground for scammers. I have written about many forms that these scams take. Recently the New Hampshire Attorney General issued a warning about scammers posing as local businesses sending emails and text messages that appear to come from New Hampshire companies offering employment. Earlier this year the Federal Trade Commission issued a warning about phony job offers being sent to people in text messages. While some job scams that may appear on legitimate sites such as monster.com or LinkedIn may be harder to determine as scams, this text message job offer and email job offer is easier to recognize as a scam because like lottery scams where you are told you have won a lottery you never entered, in this instance you are being offered a job that you never applied for. In both cases this is always a scam.
Scam of the day – October 3, 2025 – Government Shutdown Scams
As always scammers are opportunists taking advantage of whatever is in the news, particularly if the news creates some sense of emergency and the present government shutdown fits the bill. Scammers are contacting targeted victims by emails, text messages and phone calls posing as officials from Social Security, Medicare, Medicaid or other federal programs claiming that their victims’ benefits have either been suspended or require veification to continue. They then either require personal information that can lead to identity theft, or a payment to continue benefits, often demanded to be made by gift cards or cryptocurrencies. Emails or text messages may carry the subject line of “Government Shutdown Notice” or “Benefits Suspension.” Due to the Federal Trade Commission being unable to process scam complaints during the shutdown it could be expected that these scams will be increasing.
Scam of the day – October 2, 2025 – Medicare Open Enrollment Scams
The annual open enrollment period for Medicare begins on October 15th and will end on December 7th. This is the only time during the year that people enrolled in Medicare can change their Medicare health plans, Medigap plans and prescription drug plans. By now, people already enrolled in Medicare should have received an Annual Notice of Change from their health insurance providers describing any changes to their plans such as the dropping of particular drugs from their prescription drug plan. If you are satisfied with your plans, you do not need to do anything.
Scammers and identity thieves view the open enrollment period as senior citizen hunting season as myriads of Medicare scams are common during this time. Seniors may be contacted by someone purporting to be from their insurance company asking them to verify information. This is a common tactic of identity thieves trying to trick their victims into providing information. They also may be contacted by people claiming to have supplemental insurance programs that will save them thousands of dollars. Here too, you cannot be sure that they are legitimate when they contact you by phone, text message, email or even regular mail. In addition, scammers send phishing emails that appear to come from your employer asking you to review and approve your health care benefit and then lure you into clicking on malware infected links or providing personal information that can lead to your becoming a victim of identity theft.
Scam of the day – October 1, 2025 – Amazon Prime Day Scams
Scammers, posing as Amazon are sending phishing emails and text messages in which they attempt to lure their victims into either providing account information that will give the scammer access to the victim’s Amazon account or to make a payment under some pretext or click on a link that will download dangerous malware such as keystroke logging malware or ransomware. They do so by representing to the targeted victim that their account has expired or that a recent order needs to be confirmed or some other emergency related to their account.
Scam of the day – September 30, 2025 – Telephone Call From No One Scam
With computers that can be programmed to make massive amounts of telephone calls, scammers will often first test their lists of telephone numbers by making these calls to determine which telephone numbers are valid numbers for them to call back later with automated robocalls by which they will attempt to either sell you something worthless or gather information from you that can be used to make you a victim of identity theft.
In another version of this scam, people with Caller ID are often tempted into calling back the number to see who called them, thinking that the call was legitimate. Instead, unwittingly they make an expensive premium service call to an adult entertainment service that charge as much as $20 for the first minute or information services such as weather updates that have hefty charges. Many of these calls originate in the Caribbean Islands from area codes such as 268, 284,809, 473,876 or 649.
Scam of the day – September 29, 2025 – Why You Should Keep Your Cell Phone Number Private
When a criminal knows your cell phone number, he or she can leverage that number through commonly available legal databases such as White Pages Premium and learn information such as your current address, past addresses, the names of your family members and more. The criminal can also use the number to gain access to your social media accounts and can most significantly use the information gained to answer security questions that would allow the criminal to do a SIM swap whereby your cell phone number would be transferred to a phone of the criminal and thereby defeat dual factor authentication where you get a text message or a code sent to your phone when you go to access your bank account online or any other account that requires significant security.
Scam of the day – September 28, 2025 – Senators Question Dating Apps About Vulnerability to Scams
Senators Maggie Hassan of New Hampshire and Marsha Blackburn of Tennessee have sent a letter to Match Group which owns the dating apps Tinder, Hinge and OkCupid a letter requesting its records related to how scammers are using their platforms and what the company is doing to prevent romance scams. In particular the senators expressed concerns about how the algorithms used by Tinder, Hinge and OKCupid contribute to romance scams. The senators requested the documentation be provided to them by October 15th.
Scam of the day – September 27, 2025 – Stellantis Data Breach
Stellantis, the parent company for automakers Chrysler, Dodge, and Fiat announced recently that it had suffered a data breach in which names and contact information of 18 million of its customers was stolen. Disturbingly, Stellantis indicated that the actual data breach occurred last May although it was only being reported now. Similar to recent data breaches at Google, TransUnion, Allianz Life, Workday, Pandora, Cisco, Chanel, Dior, Louis Vuitton, Tiffany, Farmers Insurance and Qantas, the data was stolen not from Stellantis’ computer networks, but rather from Salesforce, a cloud-based customer relationship management (CRM) company used by Stellantis and many other companies to manage their customer data. The ransomware gang ShinyHunters managed to do this not by hacking Salesforce, but rather by using social engineering to trick TransUnion employees to enable access to the company’s Salesforce account containing its customer data.
Scam of the day – September 26, 2025 – Mail Theft and Bank Fraud
Cameron Martinas Curry and Quavaun Enreco Rhodes of Georgia were recently convicted of stealing mail from collection boxes in the Augusta, Georgia area and altering checks that had been mailed to have the money paid to them. Criminals around the country are increasingly stealing mail with checks in them from U.S. Postal Service mailboxes, “washing” the checks with simple nail polish remover to remove the name of the person or company to whom the check was made out and then writing in their own name. In other instances, the criminals will also change the amount of the check. In recent years Boston and New Orleans, for example, had large numbers of such mailbox thefts of checks that were then altered and cashed.
Scam of the day – September 25, 2025 – Georgia Prisoner Operates Scam While in Prison
Russell Tafron Weatherspoon, was convicted of masterminding a multistate scam between March 2022 and April 2024 in which he and other co-conspirators called targeted victims throughout the country posing as local law enforcement officers using an app that allowed them to spoof the phone numbers of legitimate law enforcement agencies so that their calls would manipulate their targeted victims’ Caller ID to make the calls appear to be actually coming from real law enforcement officers. The scammers told their victims that arrest warrants had been issued for them due to their failure to appear to testify in a court proceeding that they had been subpoenaed to attend. The scammers, conversant with legal terminology, directed their victims to obtain a bond to avoid arrest. What makes this case somewhat different from similar scams is the fact that Weatherspoon was directing this scam while serving time in a Georgia state prison for a 2020 conviction of aggravated assault and violation of the Street Gang Terrorism and Prevention Act. The calls were made by Weatherspoon and other inmates using cellphones that were delivered to Weatherspoon by drones.
Scam of the day – September 24, 2025 – Beware of Evil Twins
Whether we are at the airport, a hotel, a shopping mall, a coffee shop or almost anywhere else, you will usually find free public Wi-Fi service offered so that we can use our cell phones, laptops or tablets to connect to the Internet. However with this convenience can come danger. Too many people assume that the Wi-Fi that they are using is secure and this is not always the case. In fact, often an identity thief will go to the same coffee shop or other venue and set up his or her own Wi-Fi which is what you may unwittingly be tapping into when you think you are connecting to the Wi-Fi of the particular coffee shop or other place you find yourself at. Technologically, it is easy to set up a phony Wi-Fi that can steal data from your cell phone, laptop or tablet and use that information to make you a victim of identity theft. Last year, Florida Attorney General Ashley Moody issued a warning about these scammer created phony Wi-Fi networks which she calls “Evil twins.”
Scam of the day – September 23, 2025 – Social Security Phishing Email
Reproduced below is a very convincing phishing email sent by scammers posing as the Social Security Administration that attempts to lure you into clicking on a link that purports to provide a statement of your Social Security benefits. However, if you were to click on the link (which I have deleted) you would either be prompted to provide information that would lead to identity theft or download dangerous malware such as keystroke logging malware that can steal information from your computer including sensitive passwords and other information. The emails grammar is quite good, but that could merely reflect the use of AI to assist in creating the phishing email.
Scam of the day – September 22, 2025 – Farmers Insurance Data Breach Affects 1.1 Million Customers
Data breaches are a common occurrence which is disturbing because they can readily lead to your identity being stolen or you becoming a victim of a scam as the hackers leverage the data they steal to lure you into a scam. Farmers Insurance announced it has suffered a data breach affecting more than 1.1 million of its customers. Similar to recent data breaches at Google, TransUnion, Allianz Life, Workday, Pandora, Cisco, Chanel, Dior, Louis Vuitton, Tiffany and Qantas,the data was stolen not from Farmers computer networks, but rather from Salesforce, a cloud-based customer relationship management (CRM) company used by Farmers and many other companies to manage their customer data. The ransomware gang ShinyHunters managed to do this not by hacking Salesforce, but rather by using social engineering to trick TransUnion employees to enable access to the company’s Salesforce account containing its customer data.
Scam of the day – September 21, 2025 – Social Security Imposter Scams
Imposter scams have long been among the most lucrative for scammers. While there are many variations of this scam, the most common variations have involved scammers emailing their victims posing as a popular company with which we all do business or calling their intended victims on the telephone posing as some governmental agency such as the IRS or the Social Security Administration. The scammer then, under a wide variety of pretenses, demands an immediate payment or personal information that can lead to your becoming a victim of identity theft.
Scam of the day – September 20, 2025 – Gold Bar Scams Getting Worse
The Boston office of the FBI recently issued a warning scams involving people lured under false pretenses to cash in their savings, buy gold bars and deliver the gold to scammers. Earler this year ABC News did a story entitled “Gold Grifters” also exposing these scams. I have been warning people about this scam since I described it in the Scam of the day for May 7 2024 when I told you that Ravinkle Mathon was arraigned in a Maryland court accused of attempting to scam an elderly man out of $200,000 in an elaborate scam that has increased dramatically in the last year. Police say that the scam began with a phone call from Mathon to an elderly man in which Mathon posed as a federal agent telling the targeted victim that his identity had been stolen and that he needed to protect his savings by withdrawing all of his funds, purchasing gold with the funds and then turn the gold over to the alleged scammer for safe keeping. Fortunately, a family member of the targeted victim became aware of the scam and notified police who set up a sting and arrested Mathon when he came to collect the gold..
Scam of the day – September 19, 2025 – Treasury Refund Text Smishing Scam
A new text message scam presently circulating, a copy of which is shown below tells you that you have a tax refund that you must apply for by providing your online banking information or other personal information within a couple of days or lose the refund. This particular text message appears to come from the Michigan Department of the Treasury, but similar text messages are being sent to people in all 50 states. If you provide the information requested it will lead to identity theft and clicking on the link provided may download dangerous malware.
Scam of the day – September 18, 2025 – Phony Restaurant Delivery Scam
Ordering food online for delivery was somewhat popular prior to the pandemic, but really took off during the pandemic when people wanted restaurant food without having to go to a restaurant. Many restaurants have taken advantage of this interest and set up websites to facilitate ordering food deliveries and companies such as DoorDash and GrubHub also take online orders for food deliveries from multiple restaurants. As could be expected scammers have also gotten into the food delivery business although it would be more accurate to say that they got in the business of taking your online orders for food delivery, but deliver nothing except charges on your credit card.
Scam of the day – September 17, 2025 – Phony Evite Invitation Scam
Evite is a popular online invitation platform that allows users to create, send, and manage digital invitations for events such as parties, weddings, meetings, and other gatherings. It’s widely used because it simplifies the process of inviting guests and tracking RSVPs. Evite is trusted and familiar to many users, making it an effective disguise for phishing scams. Because people often receive Evite invitations from friends or colleagues, they may click links without suspicion—especially if the invitation appears to be for a social or professional event. If you click on links in a scam evite invitation you may end up downloading dangerous keystroke logging malware that can steal sensitive personal data such as passwords or account information from your phone or computer that will result in your becoming a victim of identity theft.
Scam of the day – September 16, 2025 – New Variation on Sextortion Scam
I have been warning you about sextortion scams for nine years. Generally sextortion scams begin with an email in which you are told that your computer and web cam have been hacked and that the scammers have video of you watching porn online. In the email, the...
Scam of the day – September 15, 2025 – Credit Card Declined Scam
Creative scammers have come up with a new way to scam you when you shop online. For years, I have warned you about phony retail websites that either appear to be that of legitimate retailers such as Wallmart or are just websites that come up high in a search engine search when you are looking to buy a particular item that offer great prices. Unfortunately, this problem has gotten worse with scammers now able to use AI to create phony retail websites that look entirely legitimate. Also, merely because a website comes up high in a search engine search does not mean that it is legitimate. Scammers either pay for a high position or are sufficiently savvy to create a site that the search engines’ algorithms will pick for a high position in a search.
Scam of the day – September 14, 2025 – Justice Department Charges Investment Advisor with Operating a Massive Ponzi Scheme
Federal Prosecutors in New York along with the SEC have brought both civil and criminal charges against Paul Regan accusing him of masterminding a massive Ponzi scheme in which he is alleged to have swindled 330 investors out of more than 63 million dollars. Regan sold phony investments in precious metals in Columbia and by Obamacare insurance polices that he told investors were guaranteed to bring annual profits of as much as 14% annually and were fully insured. Prosecutors say that none of this was true. They say that Regan used profits from later investors to pay early investors which is the mark of a Ponzi scheme, paid insurance agents that he hired to sell the phony investments although the insurance agents were not licensed to sell investments and kept the rest of the money to fund his own upscale lifestyle.
Scam of the day – September 13, 2025 – AI Makes Customer Service Number Scams Worse
Now scammers are manipulating AI to have their phony customer service numbers appear in Google’s AI Overviews and OpenAI’s ChatGPT. People unfortunately believe that AI is totally trusfworthy and call those numbers only to be scammed. AI harvests its information from the Internet and savvy scammers will insert their phony customer service number on online review sites, message boards and numerous websites. The more places the phony numbers appear, the more likely AI will pick them up and suggest them to you when you do an AI search.
Scam of the day – September 12, 2025 – New Twist on QR Code Scams
However, in the new QR code version of brushing, the targeted victim receives a package containing unordered merchandise without any sender information, but with a QR code that unwary victims will scan and either unwittingly download malware that can steal sensitive information from your cell phone or take you to a website where you are prompted to provide personal information that will be used to make you a victim of identiyt theft.