Category Archives: Identity Theft

Protect yourself from identity theft

Posted on by

Nearly 45 billion dollars were stolen from identity theft victims in 2020. LifeLock

Identity theft is one of the fastest growing financial crimes in America. Each year, millions of Americans discover that a criminal has fraudulently used their personal information to obtain goods and services and that they have become victims of identity theft.

A wide range of sensitive personal information can be used to commit identity theft, including a person’s name, address, date of birth, Social Security number (SSN), driver’s license number, credit card and bank account numbers, and phone numbers.

Once identity thieves have your personal information, they can drain your bank account, run up charges on your credit cards, open new utility accounts, or get medical treatment on your health insurance. An identity thief can file a tax refund in your name and get your refund. In some extreme cases, a thief might even give your name to the police during an arrest.

The most common form of identity theft involves the fraudulent use of a victim’s personal information for financial gain. According to the Federal Trade Commission’s Guide for Assisting Identity Theft Victims, there are two main types of financial frauds:

Using the victim’s existing credit, bank, or other accounts

  • A victim of existing account misuse often can resolve problems directly with the financial institution, which will consider the victim’s prior relationship with the institution and the victim’s typical spending and payment patterns.

Opening new accounts in the victim’s name

  • A victim of new account identity theft usually has no preexisting relationship with the creditor to help prove she is not responsible for the debts.
  • The new account usually is reported to one or more credit reporting agencies (CRA), where it then appears on the victim’s credit report. Since the thief does not pay the bills, the account goes to collections and appears as a bad debt on the victim’s credit report. Often, the victim does not discover the existence of the account until it is in collection.
  • The victim must prove to the creditor that she is not responsible for the account and clear the bad debt information from her credit report.

The primary tool for preventing criminals from opening additional new accounts in your name are to implement a fraud alert and credit freeze. In most cases, you should place an initial fraud alert on your credit report as quickly as possible after discovering that you have become an identity theft victim, or you realize that your sensitive personal information has been stolen. Once you implemented a fraud alert, you will have some time to consider whether to place an extended fraud alert or a credit freeze on your credit report. You also will be able to obtain a free credit report and review the report to see if it shows that there has been additional fraud by the criminal.

https://twitter.com/ebrownl33/status/146436870204497510

To prevent identity theft, it is critical to keep your personal information safe:

  • Shred financial documents and paperwork with personal information before you discard them.
  • Protect your Social Security number. Don’t carry your Social Security card in your wallet or write your Social Security number on a check. Provide it only when absolutely necessary. You may always ask to use another identifier.
  • Don’t provide personal information over the phone, through the mail, or over the Internet unless the party is known and reputable.
  • Never click on links sent in unsolicited e-mail messages.
  • Use firewalls, anti-spyware, and anti-virus software to protect your personal computer. Keep the protections up-to-date. Visit OnGuardOnline.gov for more information.
  • Don’t use an obvious password like your birth date, your mother’s maiden name, the last four digits of your Social Security number, or your phone number.
  • Keep all personal information in a secure place at home, especially if you have roommates or employ outside help.

Monitor your financial information regularly and request a free copy of your credit report annually. Review various financial accounts and statements, checking for the following:

  • Purchases that were not made by you
  • Bills that do not arrive as expected
  • Unexpected credit cards or account statements
  • Denials of credit for no apparent reason
  • Calls or letters about purchases you did not make

If identity theft is suspected, act quickly!

Identity theft victims have the right to block the reporting of information that resulted from identity theft. Credit reporting agencies (CRAs) are responsible for blocking fraudulent information from appearing in victims’ credit reports, but also to notify furnishers (creditors, debt collectors, and other companies that reported the information).

As the victim, you must provide the CRAs with the following information in writing:

  • a copy of an Identity Theft Report (filed with law enforcement). The Identity Theft Report is the primary tool for removing inaccurate identity theft-related information from your credit report.
  • a letter explaining what information is fraudulent as a result of identity theft
  • the letter should state that the information does not relate to any transaction that the consumer made or authorized
  • proof of identity, which may include the consumer’s Social Security number, name, address, and other personal information requested by the CRA

In summary, identity theft happens when someone steals your personal information to commit fraud. The criminals may use your information to apply for credit, file taxes, or get medical services. These acts can damage your credit status, and cost you time and money to restore your good name.

To Prevent Identity Theft

According to USA.gov, you should keep these tips in mind to protect yourself from identity theft:

  • Secure your Social Security number (SSN). Don’t carry your Social Security card in your wallet. Only give out your SSN when necessary.
  • Don’t share personal information (birthdate, Social Security number, or bank account number) because someone asks for it.
  • Collect mail every day. Place a hold on your mail when you are away from home for several days.
  • Pay attention to your billing cycles. If bills or financial statements are late, contact the sender.
  • Use the security features that can help protect the device and the information on it from threats and vulnerabilities on your mobile phone.
  • Update sharing and firewall settings that analyzes and blocks or allows information traveling between the internet and your computer based on a defined set of security rules.
  • Use a virtual private network (VPN) if you use a public wi-fi network A Virtual Private Network (VPN): a private network that connects your computer or mobile device to the internet and encrypts (codes) your information to protect your internet activity from monitoring or spying.
  • Review your credit card and bank account statements. Compare receipts with account statements. Watch for unauthorized transactions.
  • Shred receipts, credit offers, account statements, and expired credit cards. This can prevent “dumpster divers” from getting your personal information.
  • Store personal information in a safe and secure place.
  • Install firewalls and virus-detection software to prevent, detect, and remove malicious programs that have been placed on your computer to spy on you or to do damage to your computer.
  • Create complex passwords that identity thieves cannot guess. Change your passwords if a company that you do business with has a breach of its databases
  • Review your credit reports will show your bill payment history, current debt, and other financial information once a year. Be certain that they don’t include accounts that you have not opened. You can order it for free from Annualcreditreport.com.
  • Freeze your credit files with Equifax, Experian, Innovis, TransUnion, and the National Consumer Telecommunications and Utilities Exchange for free. Credit freezes prevent someone from applying for and getting approval for a credit account or utility services in your name.

You have limited liability for fraudulent debts caused by identity theft.

  • Under most state laws, you’re not responsible for any debt incurred on fraudulent new accounts opened in your name without your permission.
  • Under federal law, the amount you have to pay for unauthorized use of your credit card is limited to $50. If you report the loss to the credit card company before your credit card is used by a thief, you aren’t responsible for any unauthorized charges.
  • If your ATM or debit card is lost or stolen, you can limit your liability by reporting the loss immediately to your bank or credit union.
  • If someone makes unauthorized debits to your bank or credit union account using your debit card number (not your card), you aren’t responsible – if you report the problem within 60 days after they send your account statement showing the unauthorized debits.
  • Most state laws limit your liability for fraudulent checks issued on your bank or credit union account if you notify the bank or credit union promptly.

References:

  1. https://www.identitytheft.gov/#/
  2. https://www.consumer.ftc.gov/articles/pdf-0119-guide-assisting-id-theft-victims.pdf
  3. https://www.usa.gov/identity-theft

Preventing Scams and Cybercrime

Posted on by

Fraudsters and cybercriminals are getting sneakier – sometimes even claiming to be your bank or financial institution. Outsmart scammers with these tips.

With more than 2 billion people worldwide accessing the internet through smartphones, hackers have never had greater incentive to devise new scams. Getting scammed is an unpleasant experience, but you can be one step ahead.

For example, you look at your phone and you have a new text message saying it is from your bank or financial institution. The message tells you to click this link and download a new app to secure your identity or customer account. It’s strange because you’ve never received a text from your bank at this number before, and you already have your bank’s app downloaded, or at least you thought?

STOP! Don’t click that link. There are a number of red flags to watch out for to recognize a phishing attack. Although this trick is commonly employed over email, savvy thieves are now trying to install ransomware or steal your financial or personal information by impersonating a bank, credit card company or service provider by phone calls or even text messages. Phishing is when a fraudster tricks a consumer into providing their personal information through a fake app or website. The site may appear have a copy of your bank’s or another company’s logo and appears legit. So how do you tell it’s not?

  • With increasing number of cases related to cyber frauds or online scams, it’s recommended that you follow these tips to detect a scam by text and protect your identity:
      • Check the number and search for how your bank has texted you in the past. Are they different? Don’t click the link!
      Is this message irregular? If you have not recently conducted business, used your cards or logged into your bank via the app, mobile or desktop, it may feel out of context to be receiving this request. Don’t click it!
      Are they using the right terminology for you and your account? Does your bank refer to you as a member but this text message says “customer.” Don’t click it!

    REMEMBER: Do not download any software or click on unknown links sent to you by email or text! Banks will typically never ask you to download software in an email or while you are on the phone with us..

    Emails

    There are some easy ways to ensure the email is from bank. Bank emails typically include a Security Zone to help you distinguish a legitimate email from a fraudulent one. Here is what to look for to help identify authentic emails:

    • Always hover over the sender’s email address to verify who it is from. Banks will only send emails from an address that clearly indicates it is from your bank.
    • To be effective, you must verify the spelling of your first and last name and the accuracy of the last four digits of your USAA member number every time you receive an email from USAA.

    Phone Calls

    RING, RING, RING

    The caller ID says your bank across the top. It’s not a 1-800 or a 1-877 number, but when you answer, the caller says they are with your bank and now asks for your customer service identification number to verify you. The caller may offer to assist with installing software you need for your financial services … what do you do?

    STOP! Don’t share your personal information before verifying the caller. If your bank is calling you, they typically will never ask for your “customer” identification number, credit card number or other personal information.

    Follow these tips to detect a scam by a phone call and protect your identity:

    • Do not share security or personal data: Your bank will never call you and then ask you for your one-time verification code, PIN, password or other personal identification details.
    • Always realize that you can call your bank to determine if any request for information is valid. When you call us, know that we’ll use the multifactor identification code from your phone to verify you.

    “Grandpa, I need your help. My car won’t start. Please send me money using this app…” OR

    “Hi, how are you? I can’t deposit any money into my bank account because I am deployed. Can you send me some money for my phone card so we can continue talking? I really miss you.”

    STOP! Imposters have many tricks up their sleeves when they are trying to access your information or steal your assets. As discussed above, it could be by impersonating a company through a phone call, email or text, but now they are even trying to contact you on third-party social platforms, like Facebook or Twitter, or through dating apps and sites.

    Follow these tips to avoid a grandparent or romance scam:  

    • Never send money to someone you don’t know in real life, especially using a third-party app like Zelle, CashApp, etc.
    • If someone claims to be a family member, verify with that family member by calling them directly! If you think your grandson needs help, call him or call his parents before sending money unintentionally to a scammer.
    • Do your research. If you are getting to know someone online, make sure you look them up, validate they are who they say they are. Some also claim to not have access to common resources overseas because they are serving, which is often untrue.

    If any of these situations should happen to you, reach out for advice before giving out any personal information. And, if you get a suspicious email, text, instant message or phone call, you can report it to your bank or to the Federal Trade Commission at ftc.gov/complaint.

    If a scam does trip you up in real life, get help! The FBI has an Internet Crime Complaint Center at ic3.gov. You can also report identity theft to the Federal Trade Commission to 1-877-ID-THEFT (84338).

    There are also some easy ways to ensure a text message is from your bank.  Based on your request, many banks may send a one-time code as part of its multi-factor authentication process. If you suspect fraud, you should:

    •  REPORT! Even if you didn’t share personal information or click a questionable link, if you suspect fraud, let us know so we can help prevent it to protect you and other members in the future.
    • If you receive a suspicious call from someone claiming to be your bank and is requesting account information or security credential information, hang up immediately!
    • If you provided any personal identifiable information prior to hanging up, alert your bank.
    • If you did not provide any information, you should still send an email to your bank reporting the phone number or text message and message details. This helps them to actively work to shut down fraudulent callers, sites and emails.

    Imposters can come from the least expected places and they are constantly changing their tactics. That’s why it is so important to always be on alert. While financial institutions can use sophisticated detection processes, they are most effective in fighting fraud when they work together with their customers.

     

    Think Before You Click

    Posted on by

    #ThinkB4UClick

    The global pandemic has tested the online security resilience and vigilance of people world-wide, while at the same time the pandemic is pushing more and more individuals to conduct their daily personal and work lives online.

    Unfortunately, cyber criminals have sought opportunities to create havoc and financial gain in the midst of the chaos caused by the pandemic.

    Since our lives have shifted into the digital dimension, educating the online user on cyber security has become more important than ever before.

    As a result, cyber security has become increasingly important domestically and globally. But we must all remember that cyber security begins with a few basic steps such as: being vigilant, changing your password often and most important… think before you click on or open a link.

    Tips for Securing Your Digital Accounts

    Like keeping our doors locked to keep our homes safe from burglars, keeping our online accounts secure is vital to help protect ourselves from cyber criminals – and passwords are the key.

    Here are some tips to help you keep your accounts safe online.

    1. Choose strong passwords

    The stronger your password is, the more difficult it is to hack your account.

    Create passwords that are at least 15 characters long and include a combination of upper and lower case letters, numbers and symbols if allowed.

    A good way to do this is to create a passphrase – use a sentence that includes unusual words, or words from different languages.

    In addition, always use unique passwords for all your online accounts.

    2. Use a password manager

    A password manager is a convenient way to take care of your passwords.

    Several very good password managers are free and easy to use. It will create strong passwords for you and keep them secure.

    If you’d prefer not to use a password manager, write your passwords into a notebook and keep it in a secure place away from your computer.

    3. Enable Multi-Factor Authentication (MFA)

    Multi-factor authentication (like 2FA) provides an extra layer of security to help protect your accounts.

    It is an electronic authentication method where you need to present two or more pieces of evidence (factors) to confirm your identity and access your account, for example a password and a code that is sent to your mobile phone. Your account cannot be accessed without entering this code.

    4. Do all of the above!

    For extra security, use a password manager that will create strong passwords for you and enable multi-factor authentication when available for your best chance to keep your accounts secure.

    References:

    1. https://cybersecuritymonth.eu/resources/top-tips-for-securing-your-accounts/

    Millions of Americans Fall Victim to Identity Theft

    Posted on by

    While online, your personal information is constantly exposed to bad actors. Take actions to protect your identity and prevent the theft of your identity.

    A shocking amount of information about you can be found online. From Social Security numbers to bank account numbers to social media profiles, a savvy thief potentially has access to all the data he or she needs to assume and steal your identity.

    Identity theft is a serious crime. It happens when someone uses your Social Security number or uses other personal information about you without your permission to open new accounts, make purchases or get tax refunds. They could use your:

    • Name and address
    • Credit card or bank account numbers
    • Social Security number
    • Medical insurance account numbers

    Many Americans whose information was compromised did not realize their identity was stolen until years later when they tried to buy a car, file tax returns or purchase a home.

    Experts warn that identity thieves can use social engineering to steal your information. Social engineering is the art of manipulating someone to divulge sensitive or confidential information that can be used for fraudulent purposes.

    Social engineering can happen everywhere, online and offline. And unlike traditional cyberattacks, whereby cybercriminals are stealthy and want to go unnoticed, social engineers are often communicating with you in plain sight. Consider these common social engineering tactics that one might be right under your nose.

    • Your “friend” sends you a strange message. Social engineers can pose as trusted individuals in your life, including a friend, boss, coworker, even a banking institution, and send you conspicuous messages containing malicious links or downloads. Just remember, you know your friends best — and if they send you something unusual, ask them about it.
    • Your emotions are heightened. The more irritable we are, the more likely we are to put our guard down. Social engineers are great at stirring up our emotions like fear, excitement, curiosity, anger, guilt, or sadness.
    • The request is urgent. Social engineers don’t want you to think twice about their tactics. That’s why many social engineering attacks involve some type of urgency, such as a sweepstake you have to enter now or a cybersecurity software you need to download to wipe a virus off of your computer.
    • The offer feels too good to be true. Ever receive news that you didn’t ask for? Even good news like, say winning the lottery or a free cruise? Chances are that if the offer seems too good to be true, it’s just that — and potentially a social engineering attack.
    • You’re receiving help you didn’t ask for. Social engineers might reach out under the guise of a company providing help for a problem you have, similar to a tech support scam. And considering you might not be an expert in their line of work, you might believe they’re who they say they are and provide them access to your device or accounts.
    • The sender can’t prove their identity. If you raise any suspicions with a potential social engineer and they’re unable to prove their identity — perhaps they won’t do a video call with you, for instance — chances are they’re not to be trusted.

    A thief can get your personal information in person or online. Here are some ways thieves might steal someone’s identity. A thief might:

    • Steal your mail or garbage to get your account numbers or your Social Security number
    • Trick you into sending personal information in an email
    • Steal your account numbers from a business or medical office
    • Steal your wallet or purse to get your personal information

    Identity experts share five recommendations for how to protect your identity:

    • Once a year, order and closely review a free credit report from each national credit reporting agency: Experian, Equifax and Transunion.
    • Browse and purchase online while only using a secure connection. Never use autofill features when filling out online forms, unless it is on a trusted site.
    • Refrain from giving solicitors personal or financial information over the phone, by email or through pop-up message.
    • Opt out of pre-screened offers of credit and insurance by mail.
    • Avoid oversharing on social networking sites so you’re not sharing a potential scam with others.

    If you do think you’re a victim, call the three major credit bureaus and place a credit freeze and file a report with law enforcement.

    Even if you don’t believe it’s that big of a deal, reporting these crimes can help law enforcement prevent others. It took identity theft victims an average of 10 hours to resolve the fraud in 2020, according to LifeLock.

    Moreover, you may be responsible for what the thief does while using your personal information. You might have to pay for what the thief buys. This is true even if you do not know about the bills.

    How can that happen?

    • A thief might get a credit card using your name.
    • He changes the address.
    • The bills go to him, but he never pays them.
    • That means the credit card company thinks you are not paying the bills.
    • That will hurt your credit.

    This is the kind of trouble identity theft can cause for you.

    Your best defense against identity theft and social engineering attacks is to educate yourself of their risks, red flags, and remedies. To that end, stay alert and avoid becoming a victim.

    References:

    1. https://www.consumer.gov/articles/1015-avoiding-identity-theft#!what-it-is
    2. https://us.norton.com/internetsecurity-emerging-threats-what-is-social-engineering.html
    3. https://www.usnews.com/360-reviews/identity-theft-protection