This tracker is designed to help visitors identify suspicious activity, read how scams work, and submit reports for review. Public submissions are marked pending until reviewed.
Enter a phone number, email address, URL, company name, or keyword.
Microsoft has released out-of-band (OOB) security updates to patch a critical ASP.NET Core privilege escalation vulnerability. [...]
View Source →Over 1,300 Microsoft SharePoint servers exposed online remain unpatched against a spoofing vulnerability that was exploited as a zero-day and is still...
View Source →France Titres, the government agency in France for issuing and managince administrative documents has disclosed a data breach after a threat actor c...
View Source →Fraud prevention and user experience don't have to be a tradeoff. IPQS shows how combining identity, device, and network signals stops fraud without a...
View Source →A previously undocumented data-wiping malware dubbed Lotus was used last year in targeted attacks against energy and utilities organizations in Venezu...
View Source →Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Micr...
View Source →&#;x26;#;x5b;This is a Guest Diary by L. Carty, an ISC intern as part of the SANS.edu Bachelor&#;x26;#&#...
View Source →You won something, like free money made available through a government grant or program.
Why flagged: General scam indicators
Company: U.S. Government
Source: User
Scammers claim you can use government grant money for personal needs, like paying bills, education expenses, home repairs, or paying off debts.
Warning signsScammers ask for your personal information — like your Social Security number — to see if you qualify for a government grant.
Scammers ask for your financial information — like your bank account number — to deposit money from the government grant.
Scammers say you must pay processing or other fees to get your money — and insist you send them cash, gift cards, a wire transfer, or cryptocurrency.
Government agencies won’t contact you by phone, text, social media, or email about a grant that you didn’t apply for.
Government grants are not awarded for personal needs.
Victim is “hired” quickly and sent a fake check to buy equipment.
Why flagged: Email used, Website used
Company: Remote Hiring Offer
Email: hiring@remote-job-fast-example.com
URL: remote-job-fast-example.com
Source: Editor
Scammers offer a remote job with little screening, send a check, and instruct the victim to buy equipment from a preferred vendor. The check later bounces.
Warning signsFast hire, interview by text only, fake check, request to forward money, unofficial email domain.
How to avoid itResearch the employer, verify the domain, and never deposit checks to purchase equipment for a new employer.
Email stated I am 3 months behind in my bill payments.
Why flagged: Phone used, Email used, Website used
Company: Duke Energy
Phone: (800) 872-2395
Email: billing@dukeenerrgy.com
URL: duke-energy.com
Source: User
Threatening email stating I'm behind in payments. If I don't submit payment to URL website, power will be cut off.
Warning signsThreatening language, urgency to get payment
How to avoid itIgnore email. Submit email address to authorities for tracking.
With global attention focused on the conflict in Iran, it’s no surprise scammers have already added that situation to their story lines. Some recent reports to the FTC about imposter, romance, and fake charity scams include an Iran twist.
Why flagged: General scam indicators
Company: FTC or other gov. co.
Source: User
Scammers create fake charities that sound and look official.
Warning signsThey might claim to help people displaced or affected by the conflict in Iran and pressure you to donate in cash, gift cards, cryptocurrency, or wire transfers.
How to avoid itBefore you donate, go to ftc.gov/charity to learn how to research, what questions to ask, and how to spot a charity scam.
You get a call from a team member at “Apple” trying to persuade you that criminals are using your iCloud account for some seriously illegal activities.
Why flagged: Phone used
Company: Apple Special Investigations Unit
Phone: 800-MYAPPLE
Source: User
The scam starts when you get a call from “Apple Special Investigations Unit.” The caller will then tell you that your iCloud account has been hacked by a criminal, who is using it to store child sexual abuse images or other highly illegal files. The scammer will then ask for remote access to your device. They’ll promise to take the illegal data off the device or iCloud account, but only if you pay thousands of dollars. Once they have your money, they then also have access to your device to steal data and login details to perform further scams.
Warning signsThere’s no such team as the “Apple Special Investigations Unit.” Many of these scammers ask for payment in gift cards or other untraceable funds. A legitimate company will never do this. Apple won’t be the organization to contact you if your account is involved in illegal activity. Instead, law enforcement agencies are much more likely to be in touch.
How to avoid itChange your Apple ID password. You can do this on any Apple device or at the Apple website. Log in to your iCloud account and review your files. You’ll most likely find there’s nothing illegal or concerning in there. Report any suspected scams or fraud via the relevant USA.gov (https://www.usa.gov/where-report-scams) website.
Sugar scams involve a fraudster posing as a "sugar daddy"
Why flagged: General scam indicators
Company: unknown
Source: User
So what happened is I fell for a basic sugar baby scam where I was sent a check for $400 dollars. I was then asked to send $200 back. While the check DID show up in my bank account i’m worried that it will bounce later on.
Warning signs3 different numbers have been repeatedly calling me and now THREATENING me.
How to avoid itContact your bank immediately and let them know that you deposited a fake check. Your physical safety is not at risk, but your bank accounts are. You need to get ahead of it. Do not wait. Do it now.
Text claims a package cannot be delivered until you click a link and pay a small fee.
Why flagged: Website used
Company: Fake Delivery Notice
URL: track-my-package-fast-example.com
Source: Editor
Victims receive a text message claiming a package is being held. The message includes a link to a fake website requesting personal information and payment details.
Warning signsUnexpected text, urgent tone, odd URL, payment request for redelivery, spelling issues.
How to avoid itDo not click the link. Go directly to the official carrier website. Verify tracking numbers independently.
Caller claims suspicious activity on your account and asks for verification codes.
Why flagged: Phone used
Company: Fake Bank Fraud Dept
Phone: (888) 555-0199
Source: Editor
The caller pretends to be from your bank and tries to scare you into giving one-time passcodes or account information.
Warning signsPressure, threats, request for passcodes, caller ID spoofing, refusal to let you hang up.
How to avoid itHang up and call the bank using the number on your card. Never share verification codes by phone.
Asked by caller to return call to go over Medicare Advantage Plan options.
Why flagged: Phone used
Company: Aetna
Phone: (984)666-6722
Source: User
Ask for a lot of personal information. They try to get you to sign up for Medicare Advantage Plans by sending credit card info right away.
Warning signsConstant callbacks and urgency in voicemail.
How to avoid itDo not answer and do not return phone call.
I thought my boss was asking me to buy gift cards for clients.
Why flagged: Gift card request
Source: User
Didn’t read the email address or question it too deeply because I’m new to the job and I was afraid of being fired or in trouble. The message was sent at 9am with “can I have help with a quick project.” I read it at 1:30pm and was afraid if I didn’t do it fast enough they’d be mad I wasn’t at my email. I sent the gift card numbers.
Warning signsIf you get a sketchy email from work and you just updated LinkedIn there could be correlation.
How to avoid itApparently scammers go after people after they update their LinkedIn with a new job because they won’t know their boss/company culture well enough to say “That’s fishy”. If you sent the gift cards/card numbers then all you can do now is move on accepting it as a hard lesson learned.
If you still have the cards and they didn't get that info, you can trade them in to a gift card exchange site to try to recoup some of the money.
Wife and I went to file together as we have always done, my return was rejected due to someone filling them already.
Why flagged: General scam indicators
Source: News
People are stealing peoples mail and completely taking on other people’s identity for months sometimes years before the victim even notices and they’re stealing it from locked boxes.
Warning signsWhen you try to file your taxes, the IRS tells you they have already been filed.
How to avoid itYou can lock your ss# at uscis.dhs as well as locking your credit and putting on fraud alerts and consumer statements. Also file report with FTC and ic3.gov.
https://www.irs.gov/identity-theft-fraud-scams/get-an-identity-protection-pin
This is the official link. You will have to supply the IP pin to file your taxes from now. Highly recommended. If anyone tries to file your taxes, without the IP pin, the IRS will reject their tax filing.
So, I made an usual order on Amazon, but could not see, it getting delivered. Just in time I got an email, saying, my account has been blocked and I need to share my credit card details to unblock.
Why flagged: General scam indicators
Company: Amazon
Source: User
I made an usual order on Amazon, but could not see, it getting delivered.
Warning signsJust in time I got an email, saying, my account has been blocked and I need to share my credit card details to unblock. It all looked real and the email id too looked normal, until, I decided to talk to customer care and found out that they did not send any mail.
How to avoid itPLEASE don’t trust any email related to account lock or ban and reach out to customer care before doing anything. This is a bog-standard phishing attack that goes out to hundreds of thousands of people, at least, every day.
Criminals email to say they’ve hacked your computer and recorded you visiting porn sites.
Why flagged: General scam indicators
Source: User
If you don’t pay them, they’ll share evidence of your naughty behavior with your email contact list. To increase the pressure, scammers might include photos of your home (to make you feel like you’re being watched) and spoof your email address, so it appears that the blackmailer is contacting you via your own email account.
Warning signsThese are highly personalized messages that scammers use to extort you based on information they find in data breaches. Watch for weird language like: "You committed a criminal".
How to avoid itDon’t take the bait. Never open attachments from unsolicited emails. Stay calm. Blackmailers may demand payment within 24 hours, but urgency is a frequent scam tactic.
Lady Wants To Meet Up And Talk About Her Business
Why flagged: General scam indicators
Company: MLM, Amway?
Source: User
Woman wants to meet up with you somewhere (public place) and talk about her business. Attempts to persuade you to join.
Warning signsShe doesn't want to tell you what her job actually is. Mentioning the “lady that got her started is making six figures” is 100% her “upstream”.
How to avoid itDo you realize how trained these people are at making you agree to things you should not agree to? Just to be clear, what she said to you, the "deep talk about family and work", was meant to manipulate you into feeling a connection.