In this issue:

After someone loses money to a scam, the damage is not always over. A growing number of people are being targeted by a second scam, fake “scam recovery” services that claim they can get stolen money back.

I have had many people tell me their scam stories in person. That is absolutely fine and honestly important. Warning your friends and family helps others avoid the same traps. The problem starts when those stories become visible to the wrong audience online.

Scammers actively look for victims who admit they were scammed. They monitor Facebook scam groups, comment threads, and public posts where people share what happened to them. In some cases, victim details are also shared on so-called “sucker lists” that circulate between fraud groups. Once your story is found, the next pitch quickly follows.

The hook sounds comforting. A recovery service claims they specialize in tracking scammers, hacking crypto wallets, or reversing fraudulent transactions. They often present professional websites, testimonials, and urgent messages promising results. All they ask for is an upfront fee, usually paid in crypto, gift cards, or wire transfer.

This is where the second scam begins.

The truth is simple but hard to accept. Once money is sent through cryptocurrency, gift cards, or peer-to-peer payment apps, it is almost impossible for a private company to recover it. There is no secret system and no ethical hacker quietly pulling funds back. In many cases, these recovery services are the same scammers returning for more, or a new group exploiting your hope.

After payment, victims are often told there are delays, legal hurdles, or additional fees required to finish the recovery. The losses can quickly multiply.

If you have been scammed, report it immediately to your bank or payment provider and file reports with official consumer protection and law enforcement channels. Share your experience thoughtfully with people you trust. Just be cautious about posting details publicly.

A recent warning shows that hackers are actively attacking older D-Link routers that no longer receive security updates. These routers are considered “end of life,” which means the manufacturer has stopped fixing security problems. Even though the device still turns on and provides internet, it is no longer protected. I wrote an article previously about other routers that had gone end of life, because you may have a different one that is no longer supported.

First, what is a router?

A router is the small box in your home that connects all your devices to the internet. Your phone, laptop, smart TV, doorbell camera, and even some appliances rely on it. Many people own one because it came with their internet service years ago or because they bought it once and never thought about it again.

That is exactly why these attacks work.

When a router reaches end of life, security flaws are never patched. Criminals know this and constantly scan the internet for older routers. When they find one, they can take control of it without the owner ever realizing it. From there, they may spy on activity, redirect web traffic, or use the router as part of larger attacks.

The recent attacks against older D-Link routers show how real this risk is. These devices have known weaknesses that are now being exploited in the wild. Most owners have no warning that anything is wrong.

This problem is so common that even I changed how I handle my own internet equipment. I now rent my router / modem from my internet provider because I got tired of my personal equipment going end of life or suddenly becoming unsupported. Renting means the provider is responsible for updates and replacements when technology changes.

What should you do?

Check the brand and model of your router, usually on a label on the bottom and search for the model name on the manufacturers website (e.g., https://dlink.com). If it is no longer supported, replace it.

This applies to other internet-connected devices too. If it no longer gets security updates, it is time to move on.

Do you have an idea for a future newsletter? Please reply to this email and let me know.

Thank you so much!

Sincerely,
Cassie Crossley
Founder, Cyber Safe Center
https://www.cybersafecenter.com