Copy
THE DAILY SCAM NEWSLETTER — DECEMBER 30, 2020
Content Director Doug Fodeman | Creative Director David Deutsch | Issue 332


THE WEEK IN REVIEW

What a year! COVID-19, systemic racism across the United States, Presidential chaos, U.S. government dysfunction, horrific wildfires, destructive storms and a rocketing rise in scams and online threats unlike any previous year we’ve monitored. These are just a few of the many circumstances that brought pain and suffering to families across our incredible country.  Everyone we talk to says that 2020 was the worst year they have ever experienced, and we agree! But there is hope on the horizon, especially with the appearance of newly developed vaccines, a new incoming government that already demonstrates confidence in science, empathy and building a government around greater diversity than any previous administration! These things make us feel hopeful that 2021 will be a better year than 2020. For this we are already grateful.

We are also grateful to our readers. In just six years, two dads who were disgusted by scams and online threats, organically grew a blog from 14,000 pageviews in 2014 to 350,000 pageviews in 2020. Many news organizations, reporters and even online magazines have quoted us or written about our efforts. We are now fortunate enough to be working with a production company to create a documentary about scams. Our data has helped the FBI significantly slow down one of the most emotionally brutal scams we’ve ever written about, and one that resulted in at least two suicides. (The “underage girl sext” scam.) We truly could not have accomplished this work without you, our readers!  So many of you keep us informed, send us your scam emails, texts, voice messages, and tell us about the threats that target you daily. Just to name a few, we want to personally thank Bobbie, Rob, Buck, Carlos, Cathy, Beth, Maria, Lana, Anita, Vince, Deanna, Lindsay, Laurie and Diana! Your contributions have helped us educate others and make this world a little bit safer and brighter. Thank you!

And to the heartless, gutless scammers who cause SO MUCH PAIN and suffering across the world, we hope your friends and families one day feel the kind of pain you inflict on others. Maybe you will then understand just how much damage and harm you cause to real people. As long as you continue to target others, we’ll be here fighting back.

Doug and David

 



 

One of the young men who had informed us about sketchy women contacting him sent us a set of four emails that he received from “Mary” between November 29 and December 21.  It doesn’t take a rocket-scientist to notice that each came from a different email address, including one in Germany (“.de” = Deutschland = Germany).  All are meant to initiate a reply and confirm that he’s gullible enough to respond.  He isn’t. 

But he sure enjoys sending them to us!
 



It’s been a long time since we published an article about advance-check scams targeting online teachers and tutors. But last week one of our readers sent us this screenshot. Apparently, a “Mr Wilbert” was looking for an online drum tutor for his daughter “Sara” and asked the musician to contact him at +1 302-313-2833.  Look at the way “Mr. Wilbert” listed that phone number!  Yes, a scam for sure! (You can read more about these types of scams at Scams Target Online Tutors.
 



UPDATE: Do you have an AT&T Account? You may want to familiarize yourself with this scam targeting AT&T account holders.  We’ve just updated our article with one recent account sent to us by a woman who barely dodged that bullet.  Visit:  Your AT&T Account Has Been Suspended

Finally, we spent several days investigating a business called QY Shippers after we heard from several people who were suspicious about the jobs they were offered.  QY Shippers has an extensive website (2, in fact!) and have several managers/supervisors who actually called to speak to candidates and newly hired employees via phone. AND THEY ARE A COMPLETE FRAUD!  Read how we outed this fraud with the help of a man we call Paul in our newest feature article about QYShippers.com.

Daily Scam Home Page

 

PHISH NETS
PayPal and USAA Bank

One of our readers sent us this screenshot of an email saying “Your PayPal account has been temporarily restricted.”  Yeah right.  The email clearly didn’t come from paypal.com!

Deeeeleeeete!



Another reader received this email about his USAA bank account. Except that he doesn’t have a USAA bank account!  The email came from zoominternet[.]net rather than usaa.com.  The link to “unlock your account” points to the shortening service at Ow.ly. 

Stay far away from that link!



Daily Scam Home Page

 

 

YOUR MONEY
Bank of America Gift Card, Congress' Mortgage Stimulus Program, and Walgreens Survey

“Congratulations! You Qualify To Get A $ 1 0 0 Bank Of America Gift Card!” (Notice the spacing between $100)  But wait, is it $50 or $100?  Looks like someone forgot to change all the $ values from a previously used scam email!  No matter. This “gift” apparently came from someone named “currey_floyd” at AOL and the links point to a domain called wantedsolo[.]net. Gee, do you think the domain is referring to the WANTED posters of the character “Han Solo” from the original Star Wars (as shown on Amazon)?  Probably not, considering that the Zulu URL Risk Analyzer tells us the link is 100% malicious and redirects to a website in Tunisia called lucidretention[.]com. (That’s a website that’s easy to remember!) 

Best delete!





 

“Your bank doesn’t want you to know this” says the subject line of this next email.  That, of and by yourself, is just one reason you should lunge for the delete key!  It suggests the content is about inappropriate bank activity just to appeal to your curiosity. This malicious clickbait is a perfect example how cybercriminals use current and relevant information to target consumers. The email begins with “Low [mortgage] rates hit an all time low” which is true for 30-year mortgages according to recent news reports such as this report on Bankrate.com. The email also says that you could be eligible for a Congressional mortgage stimulus program, and Lord knows Congress has been working on a stimulus program for Americans. (If you look carefully at the “search” field in the email you’ll see in grey that it suggests that it will search for information on a consumer website called NMLS Consumer Access but that is NOT TRUE!)

This email came from the crap domain sizelight[.]com and the links point to a page on windows[.]net, a service that has been misused many times according to Reddit users. This same clickbait targeted one email address 3 different times, from 3 different sources, on Christmas day. 

Now delete!






My God, another “short survey” rewards email!  We can only guess that these are effective because they are a constant threat sent by cybercriminals.  This one pretends to represent Walgreens and was shared with us by a TDS reader.  Though we couldn’t see where the link leads, we clearly see that the email came from the strange domain shave[.]earguings[.]com.  This domain was registered in mid-November, is hosted on a server in Turkey and the tech contact listed for this domain works on a street that doesn’t exist in Virginia. 

Need we say more?





 

Daily Scam Home Page

 

 
 

TOP STORY
Deceit and Lies Are Too Easy Online

It is a tradition for the Queen of England to make a speech on Christmas day.  This year, a “deep fake” speech created with the help of AI (artificial intelligence) software was released shortly after Queen Elizabeth’s real speech was delivered.  Check out CNN’s report about this event which, by the way, has understandably angered many Brits. However, the purpose of the fake speech was to remind people how terribly easy it is to create and spread deceit and lies in the digital world.  Honestly, it is too easy in great part because there are so few checks and balances that are meant to verify or authenticate WHO people/businesses are when websites are created or WHAT they have posted.  Here are a few recent examples of what we mean...

  1. 1st CAPITAL INVESTMENT BANK could be found at 1stcapinvtb.com 

    Looking at the website, it is very clear that it is an online bank offering personal and business accounts, online access and lending services.  Except it’s not.  It was a fraud site created by Nigerian 419 scammers in May, 2019 and used multiple times to trick people into believing that money was waiting in accounts for them if they would only pay various fees required to release it. (Many thanks to Rob for exposing this fraud! We contacted Namecheap.com, the hosting service of this scam site, and it appears to have been taken down 2 days later!)

    This “American Bank” domain was registered anonymously in the Netherlands through a European Union registrar service. Did anyone at either the Registrar or hosting service check up on the content posted on this site or verify the authenticity of ownership?  No, of course not because they don’t have to. ICANNs doesn’t require it, nor do any government agencies of any country around the world. Like we said, NO checks or balances.  No policing. No monitoring.




  2. World Express Delivery - can be found at Worldexpd.com
    If you look carefully at this website, you’ll see that they call themselves “World Express Delivery,” “Worldwide Express,” and “Wex Delivery USA.”  Their content and graphics were stolen from other websites, including the very real Worldwide Express found at wwex.com.  This is another scam website used to falsely claim that merchandise is being shipped to people once they pay the small fee, or some such nonsense. The domain, worldexpd.com, was registered on December 9, 2020 and is hosted on a server in Germany.





     
  3. Professional Who's Who 2020 - can be found at professionalwhoswho2020[.]com
    Most “Who’s Who” directories are scams of one sort or another, such as those that create a book that is sold to the people who are invited into it.  These are called “vanity scams.”  We, at TDS, received such an invitation last week. Lucky us! But the invitation came from a website called macbluray[.]com.  The link to submit our application to the 2020 “Who’s Who In America” list pointed to a website called unitytitans[.]com. This oddball website contains a redirect that will send us to an application on the website professionalwhoswho2020[.]com. This cleverly named domain was registered on July 7, 2020.





     

    If you were to visit the top page for professionalwhoswho2020[.]com you would find a notice from GoDaddy (the hosting service; see below) informing you that this is a parked domain. A parked domain is one that has been registered but doesn’t yet point to any website.  But if you visited the link provided in the email, you’ll indeed find a webpage that begins with an application form as well as a welcome message stating the Who’s Who recognition has been around for 120 years and has an A+ rating from the BBB.  (We checked the BBB.org website and this particular Professional Who’s Who 2020 service doesn’t exist on BBB.org!) How is it, we wonder, that GoDaddy shows this as a parked domain, with no apparent website, but there is indeed a website on a subdomain called “welcome,” and used to scam people?  To learn more about Vanity Scams, visit:

    https://www.thedailyscam.com/recognizing-vanity-scams/

    https://www.thedailyscam.com/worldwide-association-of-professionals/

    There is also a good article about Who’s Who vanity scams at OnlineThreatAlerts.com.





 

The current governance and implementation of domains/websites on the Internet as resources for the world is, in our opinion, completely broken! ICANN, the only governing body, fiddles while Rome burns. (But they make money from each domain sale!)  Even legitimate businesses, some who are now considered Internet monopolies, take advantage of users in ways that are unethical, unfair and offensive! Our own government is clueless and impotent in response to these unethical practices. Facebook and Google are perfect examples.  If you have any doubts about the Orwellian misuse of consumer data, listen to these two recent radio podcasts published on December 18 by the WNYCStudios program called “OnTheMedia.”  (Just click “Listen” on their web pages.)

“Living Under Surveillance Capitalism” - how digital giants like Facebook steal the very souls of citizens through the theft and misuse of personal data. (24 mins)

“The Cost of Facebook’s Monopoly is User Privacy.” It is about Facebook’s (and Google too) overwhelming gutting of consumer privacy. (14 mins)

If you think  you have any privacy in the digital world OR that your lack of privacy has no cost or consequence to you, then you are naive. Americans should begin to demand more of our government to better protect our privacy.  And citizens of the world ought to demand more from ICANN through their own country’s governments!

Daily Scam Home Page

 

 


FOR YOUR SAFETY
Apple Releases Major macOS Security Patches

STOP! Clicking any of the links in this email will INSTALL malware on your Mac!  The email came from a website in Italy (“.it”) called ftec360[.]it.


 

Until next week, surf safely!

Forward to Friends

About Us
Contact Support
Manage Subscription
Unsubscribe


SUBSCRIBE


Produced by:
Deutsch Creative
 
Copyright © 2020 The Daily Scam, All rights reserved.


Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list

Email Marketing Powered by Mailchimp