*Originally posted December 2015. Updated as of December 14, 2020.

  • Facebook users have recently been receiving messages about winning a “Christmas bonus.” These messages are scams. 
  • The messages come from cloned accounts of one of the user’s real Facebook friends.  
  • If anyone receives a message about a Christmas bonus on Facebook, they should ignore it. If it comes from the Facebook page or someone they know, they should alert them that their Facebook has been hacked or cloned. People should also consider reporting it to Facebook.  
  • If anyone wants to learn more about the Facebook Christmas bonus scam or believes they are a victim, they should contact the Identity Theft Resource Center toll-free at 888.400.5530 or by live-chat on the company website. 
One user alerted others and pointed to the ITRC for free assistance

Facebook users have been targeted by scammers offering a “Christmas bonus” or a “Christmas Benefit.” The Identity Theft Resource Center (ITRC) has spotted multiple Facebook Christmas bonus scam posts warning others of the scam.      

Who is the Target 

Facebook users; social media profiles

What is the Scam 

Example of Christmas bonus

Facebook users receive messages from individuals in their contact lists about winning a “Christmas bonus.” The messages are coming from the cloned accounts of friends, and they state that the individual has won a Facebook Christmas Bonus Giveaway. The targeted victim is then directed to contact a “Facebook Agent,” who will send a message that the winning is a random contest sponsored by Powerball.

The scammers will then ask for personal information to deliver the winnings. They may also ask for a small “transfer fee” to transfer the money into the victim’s account. Once the victim gives them their money or their personal information, the scammers disappear and do not award the “bonus.” Facebook Christmas bonus scams can use various tactics from scam to scam. However, they all are after the same thing. 

“Christmas Bonus Cash Guarantee” Facebook page targeting vulnerable populations

What They Want 

Personal information or direct payment 

How You Can Avoid Being Scammed 

  • If you receive a Facebook message stating that you have won something, chances are it is a scam. Do not respond.  
  • Delete the message and inform your friend that their Facebook account might be hacked or cloned. 
  • Report the Facebook Christmas bonus scam to Facebook 

If you believe you are a victim of a Facebook Christmas bonus scam or would like to learn more, contact the ITRC Center toll-free. You can call (888.400.5530) or use the live-chat function on the company website. Just go to www.idtheftcenter.org to get started.  

  • A new unsubscribe email scam tries to scare people into “unsubscribing” from confirmation emails coming from an adult dating list.
  • The unsubscribe button could lead to malware or to a form to steal your personal information.
  • Anyone who receives a suspicious email they are not expecting should ignore it and not click on any links, open any attachments, or download any files. Users can also report the email as spam.
  • For more information, contact the Identity Theft Resource Center toll-free at 888.400.5530. You can also live-chat with an expert advisor on the company website.

Scammers are always looking for new ways to dupe consumers into turning over their personal information or spreading malware to one of their devices. A new unsubscribe email scam reported to the Identity Theft Resource Center (ITRC) tries to trick people into clicking an “unsubscribe button” that could be either a malicious link or a form to steal your personal information.

Who It Is Targeting

Email users

What It Is

A “confirmation” email that claims you received a private message from an adult dating website. The fake email asks the user to confirm by entering their email address and name, and it gives people an option to “unsubscribe” if they would like to stop receiving the adult dating list emails. Scammers use scare tactics such as an email from an adult website in hopes people will click the “unsubscribe” button.

What They Are After

Entering your email address and name into the confirmation email gives cybercriminals the personal information needed to commit identity crimes. Clicking the “unsubscribe” button could lead to malware infecting your device, or to a form that asks for your personal information.

What You Can Do

  • If you receive a suspicious or unexpected message that includes links or asks for your information, ignore it. If it claims to be from a legitimate company, go directly to the source to verify the validity of the message.
  • Do not click on any links, open any attachments, or download any files in an email or text unless you confirm it is legitimate.
  • Use your email provider’s “spam” feature to report the email as junk rather than clicking unsubscribe.

If you believe you have fallen victim to an unsubscribe email scam or have additional questions, call the ITRC toll-free at 888.400.5530. You can also live-chat with an expert advisor on the company website.

Classes being moved to virtual and students being off of campus is not stopping scammers from targeting students. According to the Federal Trade Commission, a recent college student stimulus check scam claims to be from universities’ financial departments. However, it’s a trap to steal sensitive information and install malware on students’ devices.

Who is it targeting: College students

What it Is: Phishing scam that steals information, potentially installs malware

What Are They After: This recent email scam is disguised as a message from the victim’s university’s “financial department” regarding their COVID-19 economic stimulus check. The email claims it needs to be opened from a portal using a university login. If a student logs in with their university account, they could give away their login credentials and potentially download malware to their device.

How You Can Avoid It:

  • Investigate – If you are suspicious of an email, contact the sender directly to verify that they are legitimate. Look up their phone number or website yourself. Do not click on any links.
  • Pay attention to detail- Bad grammar and spelling can be a way to spot a phishing email. Another clue that the email is not from your school is if they use the wrong department name (calling themselves the Financial Department rather than the Financial Aid Department).

If a student thinks they may have been targeted by a stimulus check scam, they can live-chat with an Identity Theft Resource Center expert advisor. They can also call for toll-free, no-cost assistance at 888.400.5530. For full details on the college student stimulus check scam, consumers can check out this article from the FTC.


You might also like…

Contact Tracing Scams Ramp Up as New Technology Evolves Amid COVID-19 Pandemic

Possible Nigerian Fraud Ring to Blame for Unemployment Identity Theft Attack

Five State Unemployment Department Data Exposures Uncover System Flaws

A long-time scam tactic has made a comeback amid the coronavirus pandemic. COVID-19 catfishing scams are out in full force in an attempt to play on people’s emotions and steal their personally identifiable information to commit fraud.

Who Is It Targeting: Social media and dating app users

What Is It: A scam where someone creates a fake social media profile to target victims for financial donations or sensitive personal information used for identity theft.

What Are They After: Scammers are stealing photos of frontline workers to lure in victims to give money to a fake charity, or to steal their personal information to commit fraud. As reported by NBC, one student nurse had to report a fake Facebook page over 400 times as it was soliciting illegitimate coronavirus donations.

Despite an increase in awareness of similar scams, fake accounts are becoming more common. In the FBI’s 2019 Internet Crime Report, there were 1,000 more reports of confidence fraud and romance cybercrimes compared to 2018. Those statistics are an example of why so many people might be getting targeted by COVID-19 catfishing scams.

How Can You Avoid It:

  • Research the person the profile claims to be
  • If someone refuses to meet in person, it is probably a scam
  • Never give money or personal information to someone who will not meet in person
  • Consider making all social media profiles private and report any abuse to the appropriate platform

If someone believes they are a victim of a COVID-19 catfishing scam or find a picture of themselves on a fake profile, they can live-chat with an Identity Theft Resource Center advisor. They can also call toll-free at 888.400.5530.


You might also like…

CAM4 DATA EXPOSURE LEAKS BILLIONS OF RECORDS FROM ADULT STREAMING WEBSITE

THIRD CHEGG DATA BREACH IN THREE YEARS IMPACTS NEARLY 700 EMPLOYEES

BILL & MELINDA GATES FOUNDATION, CDC, NIH AND WHO EMPLOYEE INFORMATION EXPOSED

Scammers are looking to scare people into falling for a COVID-19 contamination scam that contains a link that is designed to steal personal information.  Scammers are sending potential victims a text message informing them that someone they know tested positive for the coronavirus. However, it is just a trap.

Who Is It Targeting: Text message users

What Is It: A phishing scam based on fears of COVID-19

What Are They After: Text message users have reportedly received alerts that someone they know has tested positive for COVID-19. The message instructs them to self-isolate immediately, and then to click the link for further information and action. However, it is all part of a COVID-19 contamination scam. Police have warned that the link is likely designed to steal people’s personal data.

How Can You Avoid It:

  • Stay informed; COVID-19 information is not yet being shared this way
  • Never click a link, download an attachment or open a file that you were not specifically expecting
  • Follow trusted sources like the CDC or your local EMA for accurate information on the virus

If you think you may be a victim of identity theft or a COVID-19 contamination scam, contact the Identity Theft Resource Center for toll-free, no-cost assistance at 888.400.5530 or live chat with an expert advisor. Find more information about current scams and alerts here. For full details of this scam check out this article from IDTheftCenter.org.


You might also like…

CASHAPP SCAMS SEE A RISE DUE TO COVID-19

WHY HAVE YOU NOT RECEIVED YOUR STIMULUS CHECK PAYMENT YET?

CHOOSE STRONG SECURITY QUESTIONS/ANSWERS FOR ONLINE ACCOUNTS

With news of the economic hardship surrounding the containment of COVID-19, scammers are out in full force trying to get consumers to fall for CashApp scams by clicking on fraudulent and malicious links that could steal people’s money and identity.

Who Is It Targeting: Social media users, email recipients, text messaging platforms

What Is It: A phishing scam that claims to donate money to its victims

What Are They After: Like all newsworthy events, scammers have come up with a variety of ways to capitalize on the current concerns surrounding COVID-19 in order to steal money, identities or both. In this version, it is messages that offer the would-be victims’ free money via CashApp to help them through this difficult time with a link to participate. However, since it is a CashApp scam, the link is fraudulent and malicious and can lead to problems for anyone who follows it.

How Can You Avoid It:

  • No one will ever contact you out of nowhere to give you money
  • Never click a link, download a file or open an attachment that you were not expecting
  • Never input your login credentials for someone who requests them

If you think you may be a victim of identity theft or a CashApp scam, contact the Identity Theft Resource Center for toll-free, no-cost assistance at 888.400.5530, or live chat with an expert advisor. Find more information about current scams and alerts here. For full details of this scam check out this article from IDTheftCenter.org


You might also like…

WHY HAVE YOU NOT RECEIVED YOUR STIMULUS CHECK PAYMENT YET?

CHOOSE STRONG SECURITY QUESTIONS/ANSWERS FOR ONLINE ACCOUNTS

FINANCIAL DATABASE LEAK LEADS TO OVER 500,000 DOCUMENTS EXPOSED ONLINE

Grandparent scams have been around for a long time. However, scammers are coming up with a new twist based on the coronavirus. COVID-19 grandparent scams are playing on the fears many people have right now, that they might lose a loved one.

Who Is It Targeting: Phone and email users

What Is It: A grandparent scam is a phishing scam that claims your family member is in trouble

What Are They After: Scammers are posing as grandchildren who claim they are sick and need money to pay their hospital bills. The information is easily gleaned from social media accounts, giving the caller a name that the person knows to use in their scam. In the current times of the coronavirus, COVID-19 grandparent scams can be particularly compelling.

How You Can Avoid It:

  • Never make a payment over the phone to anyone you do not know or were not expecting to hear from
  • Resist the urge to act immediately, no matter how dramatic the story is
  • If you receive a call like one of these, say that you have to go to the store or bank to secure the money and have them call you back; during that time, reach out to your friend or relative to confirm that they are okay

If people have questions regarding COVID-19 grandparent scams, they are encouraged to contact the Identity Theft Resource Center through the website to live chat with an expert advisor. For those that cannot access the website, they can call the toll-free hotline (888.400.5530) and leave a message for an advisor. While the advisors are working remotely, there may be a delay in responding but someone will provide assistance as quickly as possible.


You might also be interested in…

The Treasury Department and IRS announced that the automatic distribution of stimulus checks will start within the next week, with no action required for most people. Scammers are already one step ahead with IRS stimulus check scams and have started making calls asking for people’s bank account number to deposit their check.

Who Is It Targeting: Individuals awaiting the stimulus checks

What Is It: Phony IRS stimulus check scam calls asking for bank account numbers in order to receive a $1,200 stimulus check payment

What They Are After: Scammers will use this opportunity to try and trick consumers that the IRS needs their bank account information in order to deposit the check. In reality, no one has to give their personal information to receive the payment. As noted in this Forbes article, “Eligible taxpayers who filed tax returns in either 2019 or 2018 will automatically receive an economic impact payment.”

How You Can Avoid It:

  • Never give out personal information over the phone, especially to numbers you do not recognize.
  • Check the facts! If you get a call saying it is an IRS stimulus check scam, know it is a scam.the IRS will not call you. Federal aid will either be deposited via account information the IRS already has from your tax filings or they will send you a check.

If people have questions regarding stimulus check scams, they are encouraged to contact the Identity Theft Resource Center through the website to live chat with an expert advisor.

For those that cannot access the website, call the toll-free hotline (888.400.5530) and leave a message for an advisor. While the advisors are working remotely, there may be a delay in responding but someone will assist you as quickly as possible.


You might also like…

As the U.S. continues to struggle to meet the need for coronavirus testing, some scammers are beginning to call people and offer them free tests. Consumers should be on the lookout for these coronavirus testing robocalls.

Who Is It Targeting: Phone users

What Is It: Robocalls that steal personal information

What Are They After: While robocalls can be a nuisance, scammers have found a new way to make people pay attention and play along. Anything that makes headline news is increasing scammers’ ability to lure people in. While hospitals around the country struggle to get enough COVID-19 testing supplies, these coronavirus testing robocalls offer the recipient a free test in their area. However, in order to find out where the nearest test location may be, consumers have to hand over personal information.

How Can You Avoid It:

  • For the most accurate COVID-19 information and testing options, follow your local news outlets or the CDC’s website
  • Never give out all of your information or any form of payment to someone who contacts you
  • Never confirm your identity for a caller because they should know who they have called

If you think you may be a victim of identity theft or have received coronavirus testing robocalls, you can contact the Identity Theft Resource Center for toll-free, no-cost assistance at 888.400.5530. You can also live chat with an expert advisor. Find more information about current scams and alerts here. For full details of this scam check out this article from CNN.com.


You might also like…