5 clever tricks holiday scammers use

JD in Dallas emailed me with a story. He and his wife were at the mall and stopped for a Christmas selfie. Two young men walking by offered to take the pic for them — and one kept wiping the phone’s lens inside his jacket.

“It seemed like too big of a production and felt suspicious. Am I overreacting?”

JD, you learned a valuable lesson: Never hand your unlocked phone to a stranger. They were most likely trying to send themselves money. Have your wife check her financial accounts for any strange transactions.

The holiday shopping frenzy is here, and most tricks are digital. It’s easy to let your guard down when you’re in a rush. I’ve got a list of the most devious scams you need to watch, brought to you by my antivirus pick, TotalAV.

Don’t fall for this junk

📦 Fake order confirmations: These are everywhere. The message is some variation of “Your package couldn’t be delivered!” Click the link to reschedule delivery and you’ll land on a fake site that asks for personal details like your address or credit card info.

🎁 Bogus giveaways: “Win $1,000!” Just fill out a quick form and you’re in! And you’ve just handed over your email, phone number and other details to who-knows-who. Only enter giveaways from companies and people you trust (like me!).

🔍 Search engine traps: You search for a store’s site or return policy and land on a scammy duplicate designed to steal your login info. Always type in the web address directly if you know it; otherwise, scroll past sponsored results, which are easier to hack.

💳 Skimmed checkout pages: Everything looks normal, but hidden behind the scenes, a skimmer on the site steals your credit card details.

🤖 Bogus CAPTCHA forms: You know the drill: Prove you’re human by checking “I’m not a robot.” But what happens next is the trap. Instead of moving forward, you’re asked to download a file for “instructions.” Spoiler alert: That “instruction” file installs malware on your device.

Kim’s holiday safety checklist

These scams are tricky, but you can outsmart the bad guys.

Continue reading

Beware: Convincing new PayPal invoice scam

“Reminder: You’ve still got a money request!” That was the subject line of the messages flooding my husband Barry’s inbox all week. He’s not the only one; there’s a sneaky scam going around that looks totally legit … because it actually comes from PayPal.

Continue reading

He lost $1 million to scammers

Open/download audio

A 79-year-old man lost his life savings to scammers pretending to be WWE wrestler Alexa Bliss. Plus, sending medical info to ChatGPT, AI news anchors canned and Jaguar’s controversial new commercial.

Another scammer is now rich: A retired Florida therapist thought she was helping the FBI take down a Mexican cartel. Really, scammers convinced her to wire $600,000 from her retirement account to a protected “government locker.” Her banks tried to warn her, but she was fed a script to get them off her back. How awful.

Don’t fall for it! Hackers are trying to get you to scam yourself

You’re pulling your hair out, trying to fix something on your computer. You Google it and find what looks like a helpful website or a tutorial with easy step-by-step instructions.

Phew, you’re finally solving your problem, but hold up! You’ve just walked into a “scam-yourself” attack. Cybercreeps use this clever strategy to trick you into compromising your tech so they don’t have to do the dirty work.

Continue reading

Area codes and numbers that are probably spam

Whew, the election’s over. The onslaught of robocalls and texts is over, too … right? Nope.

There are fewer political calls and messages, sure, but there are always scammers and spammers. It may be easier for these creeps to get a hold of us now that our phones aren’t constantly lighting up with election-related notifications.

Continue reading

🚨 Use Gmail, Outlook, Apple Mail or Yahoo? No joke, three out of every four Black Friday-themed emails are scams. The scammers’ goal? To steal your credit card info or plant malware. Brands most impersonated include Amazon, Shein and Costco. Stay safe: Always double-check the sender’s email address (not just the sender’s name) before you click.

Another scam heading our way: Cyber authorities in Switzerland are warning about malicious QR codes being sent through snail mail. Fraudsters are urging people to scan and download a new Severe Weather Warning app, but it’s actually malware. Once installed, hackers can take over your phone, steal info from your banking apps and stay hidden from detection. If it’s working there, it’s coming to the U.S., too.

Meta killed over 2 million accounts this year: Scammers were using them for pig-butchering schemes. The fake profiles lured victims into bogus investment traps. These scams mostly come from Asia, where 300,000 people have been forced to work for criminals. But why did Meta let 2 million scammers make accounts in the first place? Because they can’t “afford” to hire people since they only made $40.59 billion in the last quarter. Silly me.

Wtach out for typos: Scammers are stealing a boatload through accidental crypto transactions caused by typosquatting. They make copycat URLs close to real sites and wallet addresses. Type it in and your money goes right to a scammer. You’ll never get it back. The shady practice pulls in $500 million a year. Stay safe: Always triple-check to make sure you’re sending money to the right place, crypto or otherwise.

Heartbreaker: A 79-year-old man lost nearly $1 million to scammers pretending to be WWE wrestler Alexa Bliss. Over the years, they drained his retirement savings and even his granddaughter’s college fund (paywall link). The saddest part? When his son moved the last $100,000 to a safe account to protect it, the man sued and disowned him. He then sent that $100,000 to the scammers, too.

🚨 Black Friday alert: Chinese scammers are imitating big brands like L.L. Bean and Ikea with “deals” up to 80% off. They use tracking pixels in Meta and TikTok to detect your location and translate the site so it looks legit. Don’t fall for too-good-to-be-true offers, and shop on official sites only!

🎖️ He’s not that into you: Officer Kagan Dunlap says his wife constantly gets messages accusing him of cheating on her. The good-looking Marine isn’t unfaithful. Romance scammers have been using his photos since 2015 to woo women around the world, and some victims have lost thousands of dollars to their tricks. Pro tip: Do a reverse image search on anyone who claims to “love” you but you haven’t seen them IRL.

Social Security recipients get a 2.5% raise in January: Scammers are on it. The increase will show up automatically in your bank account or as a check in the mail, no action needed. If anyone contacts you asking for “extra steps” to get your raise, it’s a scam. Report any suspected fraud.

🎣 Reeled in a big one: A 33-year-old Nigerian man was sentenced to 10 years for a phishing scam that stole $20 million in nest eggs from over 400 U.S. homebuyers. He sent phishing emails to real estate professionals, tricking them into providing their login credentials. Using those, he redirected home purchase payments to compromised accounts and laundered the money into bitcoin via Coinbase, according to the DOJ.

🚨 Scammers’ newest trick: This time, it’s fake arrest warrants claiming you’re facing felony charges for missing jury duty. They’re using texts and calls — a huge red flag, since the police don’t text about arrests. These warrants can look legit, with a judge’s signature and all. Pro tip: Any time you get a call from the police, call your local non-emergency line to see if the police call is real.

🚨 PSA: Slow down: A 65-year-old woman in Maine lost $23,000 to a scammer posing as Bank of America. The thief tricked her by saying they needed her to share her screen to stop an unauthorized transaction, then they had her complete a wire transfer to “protect” her money. If you get one of these “act now” calls, don’t bite. Hang up and call your bank.

Best way to stop spam texts for good

“Official notice from USPS. Your delivery is on hold.” I wonder why …

“Hi, how are you?” Who could this be?

Continue reading

⚠️ He was scammed, then taxed for it: A California man lost his life savings to scammers posing as the FTC. The fraudsters convinced him to move his money to a “secure account.” Huge mistake: He sent thousands in cash and gold through couriers and dipped into his retirement accounts, racking up over $30,000 in taxes. It’s one thing getting scammed, but it’s a double whammy to pay taxes on it.

🚨 AI voice scams spreading: An elderly father was duped out of $25,000 after scammers called him using an AI-generated voice of his son. The caller, his “son,” claimed he’d hit a pregnant woman while driving and needed bail money ASAP. The father withdrew the cash, an Uber picked it up, and the con artists disappeared. Reminder: Scammers thrive on fear and urgency, so always verify phone numbers and set up a family safe word for emergencies.