• A new unsubscribe email scam tries to scare people into “unsubscribing” from confirmation emails coming from an adult dating list.
  • The unsubscribe button could lead to malware or to a form to steal your personal information.
  • Anyone who receives a suspicious email they are not expecting should ignore it and not click on any links, open any attachments, or download any files. Users can also report the email as spam.
  • For more information, contact the Identity Theft Resource Center toll-free at 888.400.5530. You can also live-chat with an expert advisor on the company website.

Scammers are always looking for new ways to dupe consumers into turning over their personal information or spreading malware to one of their devices. A new unsubscribe email scam reported to the Identity Theft Resource Center (ITRC) tries to trick people into clicking an “unsubscribe button” that could be either a malicious link or a form to steal your personal information.

Who It Is Targeting

Email users

What It Is

A “confirmation” email that claims you received a private message from an adult dating website. The fake email asks the user to confirm by entering their email address and name, and it gives people an option to “unsubscribe” if they would like to stop receiving the adult dating list emails. Scammers use scare tactics such as an email from an adult website in hopes people will click the “unsubscribe” button.

What They Are After

Entering your email address and name into the confirmation email gives cybercriminals the personal information needed to commit identity crimes. Clicking the “unsubscribe” button could lead to malware infecting your device, or to a form that asks for your personal information.

What You Can Do

  • If you receive a suspicious or unexpected message that includes links or asks for your information, ignore it. If it claims to be from a legitimate company, go directly to the source to verify the validity of the message.
  • Do not click on any links, open any attachments, or download any files in an email or text unless you confirm it is legitimate.
  • Use your email provider’s “spam” feature to report the email as junk rather than clicking unsubscribe.

If you believe you have fallen victim to an unsubscribe email scam or have additional questions, call the ITRC toll-free at 888.400.5530. You can also live-chat with an expert advisor on the company website.

  • The Federal Trade Commission reports that people who lost money to scams that started on social media has more than tripled in 2020, with a significant increase in the second quarter of the year. 
  • The increase in social media scams fits the overall 2020 trend of more phishing scams on channels besides email. 
  • Some recent social media scams include romance scamsfake advertisements, and social media messages offering grant money or giveaways. 
  • To reduce the risk of falling for a social media scam, don’t click on any links from unknown messages, do research on any ad seen on social media, and never send money to someone you’ve never met in person. 
  • To learn more, contact the Identity Theft Resource Center toll-free at 888.400.5530, or speak with an expert advisor via live-chat on the company website. 

There is an increase of social media scams in 2020, fitting the overall trend of the year of more phishing scams on channels besides email. Scams strike people in many different ways, ranging from robocalls to phishing attacks. While social media websites are another platform scammers use for their attacks, it’s not always the first place people think to monitor when they hear the phrase “phishing scams.” 

Scammers Take Advantage of More People Online During COVID-19 

However, 2020 is different. Social media is already a great place to connect, but especially right now due to COVID-19. More people are using social media, and scammers are aware. In fact, more scammers are hanging out on the sites, posing a greater threat for scams to users. Scammers know COVID-19 changes the way people live, and they try to take advantage in any way possible. 

New Report on Increase in Social Media Scams 

The Federal Trade Commission (FTC) reports that people who lost money to scams that started on social media has more than tripled in 2020, with a significant increase in the second quarter of the year. The FTC says the growth has been happening for years, reporting social media scam fraud losses of $134 million in 2019.  

However, the first half of 2020 had $117 million in fraud losses from social media scams alone. Some recent social media scams include romance scamsfake advertisements, and social media messages offering grant money or giveaways. Often, scammers create fake profiles of people victims may know to take advantage of them. In some cases, scammers will even take over a real person’s account. 

How to Avoid a Social Media Scam 

Consumers can do a handful of things to reduce their risk of falling victim to a social media scam.  

  1. Check the validity of any ad you see on social media. Do a quick Google search of the supposed business followed by “complaints,” “reviews” or “scam.” This will help you determine whether or not the company has been reported or accused of any suspicious activity. Also, directly search for the company website. Any legitimate company will most likely have contact information on their webpage. 
  1. Never click on a link or open an attachment without verifying the validity of the message or ad. You can do this by directly reaching out to the company to see if they sent the message or posted the ad. If not, it is probably a scam. If you cannot find any contact information for the company, it is probably a scam. 
  1. Reach out directly by phone or email to the friend or family member asking for money or personal information. If they did not send the message, the sender’s account was probably hacked. 
  1. Never send money or personal information to someone you have never met in person. Imposter scams, where scammers try to trick people into giving up personal information or money by posing as someone fake, continue to rise throughout the country.  
  1. Regularly check your privacy settings on all of your social media platforms. Make it more challenging for scammers to target you by limiting what you share online. 

Contact the Identity Theft Resource Center 

Consumers should be aware of the 2020 trend around scams and that scammers will continue to hang out in the social media space. However, if everyone does their part, they can still enjoy the platforms with minimal risk of falling for a social media scam.  

To learn more, or if you believe you are the victim of a social media scam, reach out to the Identity Theft Resource Center (ITRC) toll-free at 888.400.5530 or by live-chat on the company website. Also, download the ITRC’s free ID Theft Help app for access to additional resources. 


Read more of our latest articles below

Phishing Attack Report Reveals Microsoft is the Top Spoofed Brand and Other Data Breach News

New VPN Security Vulnerability Could Affect Businesses and Consumers

Election Scams Begin to Surface with the General Election Less than One Month Away

  • Election scams are beginning to appear, prompting the FBI and Cybersecurity and Infrastructure Security Agency (CISA) to warn consumers that spoofed internet domains and email accounts pose cyber and disinformation risks to voters. 
  • Scammers are also looking to trick voters by mimicking ballot-tracking text services
  • Identity thieves are seeking many different forms of personally identifiable information (PII), looking to commit malware attacks, and creating fake websites to collect PII or spread false or misleading information. 
  • Consumers should never share PII, respond to any unexpected messages until they have verified the website address, email address or text message link by checking with the legitimate source.  
  • For more information, or if you fell victim to an election scam, reach out to the Identity Theft Resource Center toll-free at 888.400.5530 or on our website via live-chat.  

The general election is less than one month away, and scammers are aware. Multiple voting organizations are expressing concerns over fake election-related websites that look like official voting resources, but contain false or misleading information, as well as phishing emails that are designed to gather personally identifiable information (PII) or spread malware. Some states are also seeing scammers trying to trick voters with phony text messages, like in California, where they mimic ballot-tracking text services. The FBI and Cybersecurity and Infrastructure Security Agency (CISA) want to help people spot and avoid every form of election scam.  

Who It Is Targeting 

Voters; Online device users 

What It Is 

Scammers are using many different tactics to try to trick voters: 

  • They create fake election-related websites to spread misinformation, confuse people, or trick voters into sharing personal information ahead of the November 3 elections. According to the FBI and CISA, election scams around fake websites aim to mislead voters and try to use interest around voting to steal people’s passwords. Scammers create websites that try to imitate election websites by altering one or two letters in the site’s address.  
  • Another election scam the FBI and CISA want people to be aware of is phishing emails. Scammers email voters from spoofed addresses that appear to come from election officials.  
  • Scammers are using text messages to attack, too. Some text messages claim they are from the United States Postal Service (USPS). Others look like they are from the Registrar of Voters asking consumers to take a survey or re-register to vote. Some even offer prizes for voting or registering to vote. 

What They Are After 

“There’s risk to you personally,” James Lee, Chief Operating Officer of the Identity Theft Resource Center (ITRC), told NBC 7 San Diego in an interview. “And in this case, because we’re talking about an election, there’s risk to our society. There’s risk to our country.” 

All of these election scams try to steal usernames, passwords or email addresses. They lead to the collection of PII and spread malware, leading to the potential of more compromises and financial losses in the future. 

What You Can Do 

  • Verify the spelling of all websites, email addresses or links in text messages. Make sure domains consist of http or https at the beginning of the domain, and .gov at the end if it is a government website. 
  • If you receive an unexpected or unsolicited email or text message, ignore it and do not click on any links. Go directly to the source to verify the validity of the message. 
  • Find election information from trustworthy websites, like the Election Assistance Commission.  
  • Make sure all of your applications are up-to-date and update your anti-virus and anti-malware systems. 
  • If possible, use two-factor authentication (2FA) on your accounts.  
  • Disable or remove unneeded applications from your devices. 

If you believe you are a victim of an election scam or want to learn more, contact the ITRC to speak with an expert advisor toll-free at 888.400.5530. You can also live-chat with us on our company website. 

  • Scammers are taking advantage of Apple users eager to purchase the iPhone 12 with a chatbot scam offering “a free trial” of the new device.
  • Threat actors are looking to steal people’s credit card information and other identity information. They can use the information to commit financial identity theft.
  • Consumers are urged to ignore any suspicious text messages and verify their validity by going directly to the source.
  • Anyone who believes they are a victim of the phishing scam, or wants to learn more, can call the Identity Theft Resource Center toll-free at 888.400.5530, or live-chat with an expert advisor on our website.

The iPhone 12 is expected to be released in October, and many are restlessly awaiting the anticipated launch. Scammers are aware and are sending iPhone 12 chatbot scams via text message, hoping to steal people’s personal information like names, addresses, and financial information like credit card numbers and security codes. While the scam tries to convince people they have won a free trial of the iPhone 12, the only ones winning with the iPhone 12 chatbot scam are the scammers.

Who It Is Targeting

Apple product users

What It Is

It’s a mobile phishing campaign that is spreading through text messages. The text messages from the iPhone 12 chatbot scam appear to come from an Apple chatbot offering free trials for the iPhone 12 before its release. When people click on the link in the text message, it triggers multiple text messages, ending with one saying the user qualifies for a test group before taking them to a “payment” screen for shipping charges.

What They Are After

The iPhone 12 chatbot scam is ultimately after people’s credit card information. After people click through the questions and learn they are “eligible,” they are taken to the “payment” screen where they are asked to enter their credit card information because there is a “courier delivery charge.” Once victims give out their personally identifiable information (PII), scammers can then use it to commit identity theft.

What You Can Do

  • If you receive a text message you are not expecting that requires you to act, ignore it. Instead, go directly to the source to verify the validity of the message.
  • Look for grammatical errors and stylistic issues in the text message to spot the phishing scam.
  • Remember, if the offer seems too good to be true, it probably is. Do not enter any personal information or click on any links for an offer unless you confirm it is legitimate.

If you believe you have fallen victim to the iPhone 12 chatbot scam or have additional questions, you can call the Identity Theft Resource Center (ITRC) toll-free at 888.400.5530. You can also live-chat with an expert advisor on the company website.


Read more of our latest blogs below

50,000+ Fake Login Pages for Top Brands from Credential Theft

Cyber-Hygiene Tips to Keep Consumers Safe

SCAM ALERT: Is this an Amazon Brushing Scam?

  • People selling their homes are receiving unsolicited unemployment benefit payments
  • Scammers are using identity information stolen in data breaches to apply for government benefits
  • If you receive an unsolicited benefits payment, tell your mail carrier or file a fraud report with the Postal Inspector

“After our home was listed on the Multiple Listings Service (MLS), and after major real estate sites like Zillow and Realtor.com picked up our listing, we began receiving dozens of letters daily from the California Employment Development Department. The envelope messaging ranged from everything from ‘timely response requested’ to letters from the Overpayment Department.”

That is what one person recently reported to the Identity Theft Resource Center (ITRC), and others are experiencing as well. Unemployment benefits mail fraud scams are making the rounds, leading to threat actors exploiting people whose personal information has been stolen or is otherwise public. Crystal contacted the ITRC to see what could be done to stop the daily delivery of fraudulent benefit payments.

“The first time this happened, I returned the letters to the post office with “Return to Sender. Addressee never lived here. Fraudulent” written on each of the envelopes,” Crystal said. “The next day, we received more letters (17), and by day three, when it looked like there were over 25 letters, our postal carrier knocked on the door. He asked if any of these people ever lived here and, after answering no, asked me what I thought was happening. He said he would let the post office inspector know – and that an investigation would be opened.”

Crystal believes the scammers were using her home address to apply for benefits in other people’s names. The U.S. Postal Inspection Service (USPIS) told the ITRC they are aware of the unemployment benefits mail fraud scam where people receive legitimate benefit debit cards, real confirmation and declination letters, and notices of employment in the mail. The USPIS says they are working with letter carriers to help spot these scams.

Who It Is Targeting

Home sellers; unemployment benefit applicants.

What It Is

Mail fraud scams where victims are receiving suspicious mail regarding unemployment benefits.

What They Are After

Scammers use stolen identity information, including Social Security numbers (SSN), to apply for unemployment benefits using the addresses of homes that are being sold. Once approved, the state unknowingly issues benefits to the attackers. These identity thieves hope to retrieve the benefit cards from the mail at the “for sale” house or contact the homeowner to request the mail be forwarded to the thief.

What You Can Do

If a suspicious offer, promotion or solicitation arrives through the mail, give it to your letter carrier and ask them to pass it along to a Postal Inspector. You can also bring it to your local post office, or forward the solicitation to the USPS Criminal Investigation Service Center at:

U.S. Postal Inspection Service

Criminal Investigations Service Center

433 W. Harrison Street, Room 3255

Chicago, IL 60699-3255

You can report fraud at their website http://www.uspis.gov/ or call 877.876.2455 and say “Fraud.”

The ITRC is here for anyone who is targeted with an unemployment benefits mail fraud scam. Victims can call the ITRC toll-free at 888.400.5530 or live-chat on the website to speak with an expert advisor.

CashApp scams have seen an uptick since COVID-19 began impacting the United States. In April, we wrote about scammers out in full force trying to get consumers to fall for CashApp scams by clicking on fraudulent and malicious links that could steal people’s money and identity, taking advantage of the economic hardships. Now, the Identity Theft Resource Center (ITRC) is receiving multiple calls and live-chats about a twist on the CashApp scam: a CashApp customer support scam.

Who Is Targeted

CashApp users

What It Is

A CashApp customer support scam where scammers act as CashApp customer support on a hotline to gain access to users CashApp accounts or ask users to download software to allow remote access to their mobile device.

What They Are After

Scammers are after money and personal information using a fake customer support hotline. In one CashApp scam case reported to the ITRC, a scammer stole all of the victim’s money and changed their username and password. In another case, a scammer was able to get a hold of the victim’s bank account number and access the victim’s bank account.

How You Can Avoid It

  • As of right now, CashApp only offers customer service via email or through the app, not by telephone. Reach out to customer support directly through the company’s website or app.
  • Never give out personal information over the phone if you do not know who is on the other end.
  • Do not download software to allow third parties to have access to any of your mobile devices.
  • Only use CashApp to transfer money to people you know.
  • Add additional security measures, including multi-factor authentication.

If you think you may have fallen victim to a CashApp customer support scam, you can call the ITRC toll-free at 888.400.5530. You can also live-chat with an expert advisor on the company website.


Read more of our latest blogs below

Fortnite Gaming Data Being Sold for Hundreds of Millions of Dollars Per Year

“Meow” Attacks Lead to 4,000 Deleted Databases and Perplexed Security Experts

Cense.Ai, Freepik and ArbiterSports Headline Recent Data Breaches

With some businesses opening back up after temporarily closing due to the COVID-19 pandemic, scammers are trying to capitalize using online job scams to steal people’s personal information.

Recently, Scripps Health found hackers exploiting job seekers through phishing emails with Scripps Health-themed “lures.” Scripps sent the following email to warn their community members:

Image provided to the Identity Theft Resource Center by public

ATA Engineering, another San Diego-based company, reports they also are seeing similar-type online job scams.

The Identity Theft Resource Center (ITRC) has seen a rise in victims contacting the organization about online job scams, including phishing emails. Some of the particular job scams reported to the ITRC include ones from Indeed, Zip Recruiter, and Facebook. The ITRC has had more than 40 victims reach out about online job scams the last three months.

Who Is It Targeting

People looking for work amist the COVID-19 pandemic

What Is It

Either a fake listing posted on a job board or a phishing email, robocall, social media message, or text message looking for a response.

What Are They After

While scammers attack in different ways, they are all looking for one thing: personal information. They hope they can trick people who are desperate or vulnerable into giving up sensitive data like usernames and passwords, financial data, or Social Security numbers. Once scammers have that information, they can commit many different forms of identity theft.

How You Can Avoid It

  • Never click on a link or open an attachment from an email you are not expecting. Instead, go directly to the source to verify the validity of the message.
  • Review all emails and websites carefully to make sure there are no suspicious addresses, subject lines or URLs.
  • Be careful about how much personal data you share, at least during the application process. Do not turn over information like your Social Security number until you are hired.
  • Make sure you have the job, and it is legitimate, before giving away financial information like a bank account number or routing number for direct depositing of paychecks.

If you think you may have fallen victim to an online job scam, you can call the ITRC toll-free at 888.400.5530. You can also live-chat with an expert advisor on the company website.


Read more of our latest articles below

Phishing attacks are nothing new. However, with scammers increasingly using sophisticated and new methods of harming recipients that experts are not as familiar with, being able to identify a phishing attack has never been more important. They can arrive as emails, texts, social media messages, phone calls or links to websites which appear to come from someone the victim knows or a legitimate business. It might look like a boss or co-worker, someone in an email contact list, a bank or a consumer’s favorite retailer.

Trusted brands are used to provide an air of credibility for scammers, who capitalize on the good reputation and relationships these brands have built. Some brands that have been used in phishing attacks to target consumers include Wells Fargo, Zoom, American Express, Apple and Microsoft. The companies being used are not involved in these scams; in many ways, they are victims of the scammer as much as the targeted consumer.

Every phishing attack has a different goal, depending on what kind of ruse they are using. Some use links or attachments to insert malicious code on the user’s device so they can collect more information. Others attempt to steal people’s personal and business usernames or passwords,  and others still try to get someone to click on a well-disguised link so they can divert them to a place where the user enters even more information that the fraudster will use to his or her benefit. While phishing attacks have different objectives, the attackers’ primary goal is to steal the information needed to scam individuals and businesses.

Fortunately, the age-old advice about avoiding a phishing attack still holds true. These are some things people should keep in mind when trying to identify a phishing attack.

Check the email address and URL to make sure it is not fake

Check unexpected inbound messages very carefully, paying special attention to the sender’s email or website address included in the message; they might notice something strange. If it says “Amaz0n.com,” for example, it is fake. If the website link is Citibank.card.shop.com (as an example), instead of the company’s actual web address, again, it is probably fake. Always go back to the source of the email (or in this case, the company that is being represented) and check for alerts about potential scams of which they are already aware. Many times, the company is aware and has posted information about the scam.

Received an unexpected email, text, social media message or phone call with a link or an attachment?  Consumers should reach out directly to the purported “source” of the communication to verify the validity of the message before clicking on a link or opening an attachment (as mentioned above). Clicking on a malicious link or opening a bogus attachment could lead to someone’s personal information being stolen or infect the device with malware.

Check the message for grammatical errors and awkward phrasing

Read unexpected messages carefully and with a critical eye. Grammatical errors and awkward language are two quick indicators that the email isn’t sent by the company indicated. In trying to identify a phishing attack, customers should remember that companies do not send out emails or other messages with glaring errors – in most cases, large, reputable companies have teams checking their communications for just those types of issues. Smaller businesses may have a looser communication style, but loyal customers will know if something is “off.”  If someone sees any strange mistakes, that is probably a sign it is a fake. In fact, sometimes spelling mistakes are intentional so that only more gullible recipients will interact.

Never trust the caller ID

Do not go by what the caller ID may say. It is easy for a scammer to change the phone number or screen name to say anything, like “IRS” or “County Sheriff’s Department.” If someone calls with an attempt to verify identity information or demands for some kind of payment, consumers should hang up immediately and initiate contact with the company directly using a verified phone number from a trusted source. Here’s a tip: people should put numbers in their contact list for companies that are used regularly – but name them something only they would identify. For example, list the bank as “Bank on 4th & Main St.” instead of by the bank’s name. That way, if there’s an inbound call from the number, the person receiving the call will know they can trust it.

Remember that in many cases, fraudsters are using websites that look like the companies they are pretending to be. A web search could also bring someone to a potential fraudulent site. People should always treat the search results with the same critical eye as they would these other steps.

Phishing attacks can be confusing because of how close to real they can look or sound. Scam websites, emails, phone calls and text messages that mimic trusted brands will continue. However, by implementing these tips to identify a phishing attack, it will help reduce the risk of falling for a phishing attack.

Anyone with additional questions about phishing attacks, or believes they have been a victim of one, can call the Identity Theft Resource Center toll-free at 888.400.5530 to speak with an expert advisor. They can also use the live-chat feature on the website to get the help they need.


A new Netflix phishing email scam has been targeting customers under the guise of a billing issue or account suspension. The attack, claiming to be from Netflix support, looks legitimate enough to get some users to expose their credit card information.

The Netflix phishing email scam is titled “Notice of Verification Failure,” and it claims there is an issue with billing. It asks users to verify their personal information within 24 hours to prevent their account from being canceled.

The link provided takes the user to a CAPTCHA page with Netflix branding. Once it is filled out, they are led to a site aiming to steal credit card details and billing information. While there have been other Netflix phishing scams, this new version uses pages hosted on legitimate domains, making it seem more realistic.

Steps You Should Take

  • Be suspicious of any email or text message asking you to verify personal information or credit card details
  • Check for spelling errors in URL links and email addresses
  • Instead of clicking any links in the email, go directly to your Netflix account through your web browser to see if you have a notification about your billing. Also, reach out to Netflix directly about the email.

Remember, scammers cast a wide net by posing as big companies to scam consumers. Due to the increase in streaming services and online platforms during COVID-19, there may be a continued rise in phishing attacks and other related cyberattacks.

If people have questions regarding Netflix phishing email scams, they are encouraged to contact the Identity Theft Resource Center through the website to live-chat with an expert advisor or call toll-free at 888.400.5530.


You might also like…

Twitter Hack Serves as a Reminder of How Manipulative Bitcoin Scams Can Be

Netflix Email Scam

USS Bonhomme Richard Charitable Giving Scam