Scam of the day – January 22, 2018 – Indiana Hospital Group Victimized by Ransomware

A few days ago, Hancock Health, which operates dozens of health care facilities in Indiana became a victim of ransomware in an attack that infected its computer system and locked up more than 1,400 of its files. In return for freeing the files, the cybercriminals demanded a ransom of approximately $50,000 in Bitcoins, which the hospital paid, after which their files which included patient records and company emails were unencrypted. It appears that the source of the ransomware infection was through an outside vendor of Hancock Health victimized by spear phishing.


Most ransomware attacks as well as other types of malware attacks are spread  through phishing emails that lure unsuspecting people into clicking on malware infected links or downloading attachments tainted with malware.  As I am constantly reminding you, never click on links or download attachments until you have confirmed that they are legitimate.

You also should update all of your electronic devices with the latest security updates and patches as soon as they become available, preferably automatically.  Many past ransomware attacks exploited vulnerabilities for which patches had already been issued.

As for protecting yourself specifically from ransomware, you should back up all of your data on at least two different platforms, such as in the Cloud and on a portable hard drive. Companies and agencies which can afford to should also use Whitelisting software which prevents the installation of any unauthorized computer software programs.

Scam of the day – January 21, 2018 – Equifax Free Credit Monitoring Offer Soon to End

Following the massive data breach at Equifax in which data including Social Security numbers of 145 million Americans was stolen, putting these people (myself included) in danger of identity theft for the rest of our lives, Equifax offered everyone one year of free credit monitoring through Trusted ID credit monitoring, however, the offer will be expiring on January 31st. The offer of free credit monitoring includes monitoring of activity at Experian and TransUnion, the other major credit reporting agencies as well as Equifax. The offer also offers the ability to lock and unlock your credit report at Equifax for a year at no charge. It is important, however, to remember that a credit lock is not the same as a credit freeze.

The best thing you can do to protect yourself from many forms of identity theft is to put a credit freeze on your credit report at each of the three major credit reporting agencies.  However, the credit reporting agencies are recommending that you use a new invention of theirs which they call a “credit lock” instead of a credit freeze to protect your data.  They tout them as being more convenient and tie them into other services.  However, the truth is that you are better off with a credit freeze than with a credit lock.  Credit freezes are governed by laws that protect you, while credit locks are creations of the credit reporting agencies pursuant to contracts which they can change at will.  In addition, you may not desire the extra services you end up paying for at Experian which includes credit locks in security packages that can cost you more than a credit freeze while providing services you may not need.  Quite frankly, I don’t trust any of the credit reporting agencies to have our best interest as their primary motivation so I believe you are better off choosing to put a credit freeze on your credit reports at each of the three major credit reporting agencies rather than a credit lock.


To get started, it’s best to first understand the laws and fees governing credit freezes in your state. This link describes the credit freeze laws for each state.

To get the maximum protection from identity theft, it is important to freeze your credit at each of the three major credit reporting agencies. Here are links to each of them with instructions about how to get a credit freeze:

Once you have frozen your credit, be sure to keep the PIN and information on how to unfreeze your credit report in a safe place.

If you wish to use the free credit monitoring offered by Equifax, you can do so at

You also may wish to use the free credit monitoring services offered by Credit Karma. In return for the free credit monitoring services, you agree to receive credit card recommendations. For more information go to

Scam of the day – January 20, 2018 – FTC Returning Money to Victims of Business Coaching Scam

The FTC is mailing thousands of checks totaling 2.2 million dollars to the victims of a telemarketing scam through which the scammers promised substantial income to people who paid for their work-at-home Internet business coaching services. The scammers used various names to perpetrate their scams including Professional Learning Institute, Pinnacle Learning Institute, Advantage Education and Discover Education. If you were a victim of this scam you should be receiving a check in the mail shortly. For more information about this scam you can go to the top of the first page of the Scamicide website and click on the tab entitled “FTC Scam Refunds.”

It is important to remember that there is no charge to victims to be eligible for these cash refunds nor will you be required to provide personal financial information. If you are contacted by someone seeking payment to become eligible for the refund or asking for personal financial information pertaining to receiving your check, he or she is just another scammer.


While there are legitimate work-at-home opportunities, many scammers lure people into phony work-at-home schemes that are merely scams. As always, if it sounds too good to be true, it generally is. Never invest in a work-at-home scheme unless you have thoroughly investigated the company offering the program and the program itself. In addition, work-at-home programs that pay you merely to reship goods sent to you are often part of a larger scam where stolen credit cards are used to purchase goods that are sent to you to reship to an accomplice of the original scammer as a part of money laundering. In that scam, you may not only risk losing money to a scammer, but even becoming an accessory to a crime.

Scam of the day – January 19, 2018 – New Bitcoin Scam

The rapid rise in the value of Bitcoins and other cryptocurrencies have attracted many eager investors, but unfortunately, have also attracted many scammers eager to take advantage of unwary investors. One particular scam involves an app that, for a prepaid fee, will mine Bitcoins on your behalf which are then transferred to an account from which you cannot take out the Bitcoins.


The best way to avoid becoming a victim of the particular scam described above is by researching thoroughly any company with which you are considering doing business in regard to purchasing Bitcoins.

Bitcoins and other cryptocurrencies are popular with many people due to the anonymity involved with cryptocurrency transactions as well as the lack of fees involved in their use.  However, digital currencies, just as everything else tied to computers carry inherent vulnerabilities.  The best ways to avoid problems is to take particular care in choosing where you store your Bitcoins online.  Many Bitcoin exchanges have had security breaches and will always be a prime target for hackers.  In addition to using a strong password you should also use dual factor authentication to provide greater security, encrypt your wallet and backup your entire wallet.  Finally, make sure that your Bitcoin software is updated with the latest security patches as soon as they become available.

Scam of the day – January 18, 2018 – New IRS Phishing Scam Targets Hotmail Users

The IRS has issued a warning to taxpayers and tax professionals about a new phishing scam specifically targeting Hotmail users in which scammers posing as the IRS attempt to steal personal information which can be used for purposes of identity theft. The email’s subject line reads “Internal Revenue Service Email no. XXXX.” The email indicates that your unexplained request is being processed and prompts the targeted victim to sign in on a phony website that asks for personal and financial information. This particular phishing email has been limited to users of Hotmail, but similar phishing emails can be expected to use other email providers.


It is important to remember that the IRS will not initiate contact with anyone through email. If you receive such an email and have any thought that it might be legitimate, you should merely call the IRS where you can confirm that it is a scam. Often you can immediately determine that the email is phony merely by looking at the email address of the sender which may have no relation to the IRS, but be the address of an innocent victim whose computer was hacked and made a part of a botnet to send out large numbers of phishing emails. Other times the email address may even appear to be from the IRS, but email addresses can be “spoofed” and appear to be legitimate when they are not. Trust me, you can’t trust anyone.

Scam of the day – January 17, 2018 – Winter Olympic Scams

On February 8th the Winter Olympics will begin in South Korea and much of the world’s attention will be on this magnificent sporting event. Of course anything that interests the public also interests scammers seeking to capitalize on that interest. As the Games get underway many people will be receiving emails and text messages purporting to contain updates, photos and videos of Olympic events.  Unfortunately, if you click on the links or download the attachments in these emails, you will end up downloading keystroke logging malware that will steal your personal information from your computer, laptop, tablet or smartphone and use that information to make you a victim of identity theft.   You also run the risk this year of downloading ransomware that will encrypt all of the data on your computer and threaten to destroy it if you do not pay a ransom.

Also, If you are shopping for Olympic merchandise, you should be wary of the large amount of counterfeit and poor value, fake Olympic merchandise that is being sold on the Internet.


As I have warned you many times, never click on a link or download an attachment unless you are absolutely sure that it is legitimate.  In regard to Olympic email or text message updates you are better off not downloading or clicking on links in any emails or text messages you may receive even if they appear to be from a legitimate source because the URL may appear to be legitimate, but may merely be “spoofed” or copied from a legitimate site so it appears legitimate, but in truth is not.  You are better off going directly on your own to sources such as that you know are legitimate.  Also, make sure that your anti-malware and anti-virus software is installed and up to date on all of your electronic devices.  Also, be wary of links sent to you through social media such as Facebook even if they look legitimate because it is easy to hack someone’s social media accounts to send out malware that unwary victims click on.

For information about the games and schedules of all events, you can go to the official Olympic website  If you want Team USA merchandise, go the official Team USA website of   Both of these websites are safe and secure places to purchase official Olympic merchandise and apparel.

Scam of the day – January 16, 2018 – New PayPal Phishing scam

PayPal is a popular payment service used by many people particularly with eBay. Therefore it can seem plausible when you receive an email that purports to come from PayPal asking you to confirm a transaction. However, anyone responding to the latest phishing email reproduced below would end up providing personal information to an identity thief.

PayPal is often the subject of phishing emails as I have described numerous times in past Scams of the Day. This particular phishing email looks legitimate. The email address from which it is sent appears to be connected to PayPal, but that is not the true address of the sender. The graphics and the grammar appear legitimate although the email does not refer to you by name. It also came with a legitimate appearing PayPal logo, but that is easily counterfeited. It also contains references to Digital Federal Credit Union, which may seem official, but has nothing to do with PayPal. If you click on the links indicated, this particular email will take you to a legitimate appearing page that asks for tremendous amounts of personal information that can be used to make you a victim of identity theft.

“Your PayPal Payment Has Been Sent
Your payment to John Gregg was sent. If you did not make this payment, You have within the next 24hrs to cancel Payment before it reaches the recipient.

Login Now to cancel payment.

DCU Home Branches Branch and ATM Locator Contact Us
Find us on Facebook
Our Privacy Policy protects your privacy and we will never sell your name or email address. Federally insured by NCUA. DCU is an Equal Housing Lender.
Please do not reply to this email. © 2016, Digital Federal Credit Union
220 Donald Lynch Boulevard, PO Box 9130, Marlborough, MA 01752-9130”


The primary question we all face when we receive such an email asking for personal information or urging us to click on a link is how do we know whether to trust the email or not. The answer is, as I always say, trust me, you can’t trust anyone. Regardless of how legitimate such emails appear, you should not provide any personal information or click on any links until you have independently verified that the request for personal information or instructing you to click on a link is legitimate. In the case of PayPal, if you have a question about your account, you can contact PayPal online at