Scam of the day – October 31, 2014 – Free credit score scams

Based on the information contained in your credit reports, your credit score can have a significant effect on whether you are granted a loan and at what interest rate, whether you will be hired for a job, whether you will be sold insurance, whether you can rent an apartment or many other purposes.  We all have a right to an annual free credit report from each of the three major credit reporting agencies, however, your free credit report will not provide you with your credit score.  Recently many people are receiving emails with offers to provide a free copy of your credit score.  Unfortunately, as with any other email or text message that requires you to provide personal information such as your Social Security number which is required to obtain your credit report or credit score, you cannot be sure that the offer is legitimate.  In some instances, companies offering to provide “free” credit reports or scores are actually signing you up for a continuing service that you may not either desire or need.  These sites generally ask for your credit card number, but tell you that they only need the credit card number for verification purposes.  Of course, that it is a lie.  If you were getting something free, you would not need to provide a credit card number.   They are getting your number to use it to charge you monthly fees for services that you may not have thought you ordered.  Even worse however, are scams in which the company offering to provide you with your free credit score is actually just scamming you in order to get your Social Security number which they will use to make you a victim of identity theft.

TIPS

As I always say, you cannot trust any email or text message to be legitimate.  Never click on links, download attachments or provide personal information in response to unsolicited emails or text messages.  The risk is too great.  If you want your free credit reports from each of the three major credit reporting agencies, Equifax, Transunion and Experian, the only place to go is the website www.annualcreditreport.com.  It is important to monitor your credit report not just to find evidence of identity theft, but also to find mistakes that may appear on your report that can adversely affect your credit score.  As for your credit score, the website www.creditkarma.com is a legitimate website that you can trust, that encrypts your data and provides your credit score for free.

Scam of the day – October 28, 2014 – Healthcare worker pleads guilty to identity theft

Florida medical assistant La Toya Yvette Tillman has been convicted of aggravated identity theft and sentenced to three years in prison.  Through her work at Gastroenterology Consultants she was able to access the database for the entire Memorial Healthcare System, one of the largest health care systems in the country.  Tillman stole personal information including patients’ names, dates of birth and Social Security numbers which she sold by the thousands to identity thieves who, in turn, used the information to file fraudulent income tax returns and commit income tax identity theft.  The lack of security in the health care industry nationwide is far worse than that of retailers such as Target, Home Depot and others that have been the victims of major data breaches.  This case in particular points to the problem of insider identity theft where rogue employees, having access to personal information of patients are able to steal that information.   Regardless of how strong a company’s security is to withstand an attack from outside of the company, it is necessary to combine that security with strong security from threats within the company.

TIPS

This should be a wake up call to many companies and not just those in the health care industry to better protect the privacy of their data banks from threats within the companies as well as outside of the companies.  Too much information is readily accessible in many companies to too many people in the companies with no need to have access to that information.  However, this case also is a good example of companies having access to Social Security numbers, the key to identity theft when they don’t need this information.  People think that medical care providers need your Social Security numbers, when in fact the main reason medical care providers and others demand the number is to make collection of overdue bills easier for them.  Try to limit as much as possible the companies to which you provide your Social Security number to those that truly have a need for it.  The information stolen by La Toya Yvette Tillman would not have been sufficient for her accomplices to file fraudulent tax returns if the Social Security numbers were not included in the stolen data.

 

Scam of the day – April 15, 2014 – Attorney General, Eric Holder victim of income tax identity theft

Today being the deadline for filing your federal income tax return is also a good time to remind you that identity theft and income tax identity theft can happen to anyone.  It can even happen to the Attorney General of the United States.  Recently convicted of this crime were Yafait Tadesse and Eyaso Abebe, a man whose Facebook page describes him as an importer/exporter for Vandelay Industries, which if it sounds familiar is because it was a fictional company created by the George Costanza character in the old Seinfeld television show.  Obtaining the Social Security number of a real person and then filing a phony income tax return on behalf of that person before the potential victim files his or her legitimate federal income tax return is the key to income tax identity theft.  In this case Tadesse and Abebe purchased Social Security numbers including that of Attorney General Holder on black market websites and used the information to file phony returns and collect refunds.

TIPS

The two keys to protecting yourself from income tax identity theft are to protect the privacy of your Social Security number as best you can and file your federal income tax return as early as you can.  Even if an identity thief has managed to get your Social Security number, if you file your income tax return before he or she can file a phony return using your Social Security number, you will suffer no harm.  If an identity thief does manage to file a return using your Social Security number before you do, it can take many months before you can straighten the matter out and get your true refund.

Scam of the day – May 31, 2013 – Department of Homeland Security data breach

It was somewhat distressing to recently learn that the Department of Homeland Security (DHS) had suffered another (yes, I did say another) data breach.  The most recent data breach at the DHS which was only recently discovered affects thousands of employees of the DHS going back all the way to 2009.  The breach of data includes the names of employees, their Social Security numbers and dates of birth.  This is exactly the type of information that is desired by identity thieves because it can readily be turned into identity theft of the people whose data is stolen.  The particular data breach involved records of a third party vendor who works with the DPH, however that is of little comfort to the DPH employees and potential victims of identity theft.  In fact, according to a report by the Government Accountability Office (GAO) last July, federal agencies have reported more than 15,000 data breaches in 2011, which was an increase of 19% from the previous year.  It should also be noted that these are just the data breaches that have been discovered.  Others are undoubtedly going on undiscovered at this time.

TIPS

So what does this mean to you and what can you do about this?  This data breach points out again, as recognized in the GAO report that both government and the private sector are still not doing enough to keep our personal information secure.  Hopefully, this will change, but in the meantime, you should limit, as much as possible, the personal information that you provide both to governmental agencies and private companies.  In many instances, you must provide personal information, but in other situations, you can limit the amount of information you provide.  For instance, many medical care providers ask for your Social Security number, but do not need it.  In that instance, you can provide another identifying number, such as your driver’s license.  You also should consider putting a credit freeze on your credit report which will prevent an identity thief, who may get access to your Social Security number or other personal information about you from getting access to your credit report for the purposes of making large purchases.  You can find in the archives of Scamicide, instructions for how to get a credit freeze.

Scam of the day – March 14, 2013 – Michelle Obama and 22 other public figures hacked – what it means to you

News about a website that has put on line huge amounts of personal information about 23 famous politicians, celebrities and sports figures including, Beyonce, Vice President Joe Biden, Hillary Clinton, Hulk Hogan, Attorney General Eric Holder, Kim Kardashian, FBI Director Robert Mueller, Michelle Obama, Sarah Palin, Arnold Schwarzenegger, Donald Trump and Tiger Woods has been everywhere.  What happened was that hackers were able to hack into the website www.annualcreditreport.com and get access to the credit reports of each of these people which contained large amounts of personal information that in the hand of an identity thief could bring serious harm to the people whose information was accessed.  Instead of quietly using this information to victimize these people,these particular hackers chose to make all of the information public and put these people in serious jeopardy.  But what does this mean to you?  It is another example of how you are only as safe as the place storing your information with the weakest security.  In this case, an obvious flaw in the verification process permitted the hacker to pose as each of the victims and get their no longer private information.

TIPS

Getting access to the Social Security number of each of the victims was an important first step in the hacking.  The Social Security number is a key to identity theft and it is something that you should try to keep private, as much as possible.  There are plenty of ways that a determined hacker can get a Social Security number, but don’t make it easy for them.  Don’t provide it to places that do not need it and do not carry your Social Security card in your wallet or purse.

 

Scam of the day – October 29, 2012 – New IRS scam

The IRS is warning people about a new scam that uses a website that appears to be the IRS’ e-Services online registration page.  The real IRS e-Services website does not provide anything for taxpayers, but does provide web-based products and information for professional tax preparers.  Many people are fooled by phony IRS websites that have URLs that are close to the IRS’ URL of www.irs.gov.  Some may have IRS in the URL, but end in .com, .net or .org.  The only official IRS website is www.irs.gov, but even there if you get an email that appears to be from the IRS you should disregard it because the IRS does not contact taxpayers by email and under no circumstances will the the IRS contact you by email, social media or text messages requesting personal information such as your bank account information or your Social Security number.

TIPS

Never click on links in emails, texts or  social media messages unless you area absolutely sure that the link is legitimate.  And even then you should consider not clicking on a link until you have verified that indeed it was sent by a legitimate sender and even then you cannot be sure that the link is being sent to you by someone who is passing on a tainted link.  The link may take you  to a legitimate website that requests personal data from you, however, if the communication is from a scammer, the information you provide can lead to identity theft.  Remember, if it is the IRS contacting you, they would already have your Social Security number and they don’t need or ask for you bank account information.  By clicking on links from scammers, you also risk downloading dangerous keystroke logging malware programs that can steal all of the information from your computer and lead to you becoming a victim of identity theft.

Scam of the day- October 9, 2012 – Latest employment scams

Searching for a job online has become the norm for many people seeking employment and there are many legitimate online employment websites such as Careerbuilder.com and Monster.com, however, merely because an ad for a job appears on a legitimate website does not mean that the job is for real.  It may be just a scam seeking either personal information to make you a victim of identity theft, your money or both.  Do not assume because you see an ad for a job on a legitimate employment website that the ad is legitimate.  Although Career builder.com, Monster.com and other online employment agencies do their best to screen their ads, they can’t be even close to perfect.  Some of the things to be on the lookout for are companies that want you to wire fees as part of the job application or those asking for personal information early in the process.  Make sure that the company has a brick and mortar location and is not just an online scam.  Also be wary of ads that appear to be from companies that you know are legitimate because the scammer may be faking that as well.

TIPS

Never spend money to apply for a job.  Legitimate employers do not require them.  Google the address, telephone number and name of the company to see if they match what you have been told.  Don’t send a resume with personal information, such as your Social Security number that can be used to make you a victim of identity theft.  If the ad appears to be from a company that you know is legitimate, confirm by a telephone call to the real company’s HR department that the ad you are answering is legitmate.  A legitimate company will eventually need your Social Security number, but not early in the process.  Make sure that you have confirmed that the job is legitimate before providing this information.

Scam of the day – September 21, 2012 – AOL phony billing scam

Many people using AOL for email have been receiving legitimate looking, but phony emails purporting to be from AOL billing them for services.  Sometimes the phony messages come in the form of phony pop-ups that ask for personal information such as your Social Security number for “verification purposes.”  Either way, these are phony phishing scams merely looking to steal your money and your identity.  Ignore them.

TIPS

AOL uses what it calls AOL Certified Mail for actual communications which will come in the form of a blue envelope in your inbox and will have an AOL seal on the border of the email.  AOL will never ask for your Social Security number although scammers and identity thieves will because this number is the key to identity theft.  If you believe that an email communication from AOL or any other company may or may not be legitimate, go directly to the company at either its website or by telephone making sure that you use URLs and phone numbers that you know are accurate.  Never trust a link in an email that may be phony.  It can only lead to your downloading keystroke logging malware that can steal information from your computer and make you a victim of identity theft.

Scam of the day – September 19, 2012 – “John Doe” sentenced to ten years for identity theft

Recently a defendant whose true identity is still not known was sentenced to ten years in federal prison on identity theft charges by a federal court judge in Florida.  Court documents referred to the defendant as “John Doe” also known as Leroy, also known as L.T.H.  John Doe had been using a stolen identity for the last 22 years during which time he managed to obtain 23 government issued forms of identification including Military Contractor identification cards and Social Security cards.  His identification cards permitted him to have full access to at least five different Navy ships at the Mayport Florida Naval Station and secure areas of the Blount Island Marine Terminal.  As of this date, law enforcement have still not been able to identify who John Doe is which means that he has managed to avoid arrest before and does not have fingerprints on record.

TIPS

This case emphasizes the seriousness of identity theft where what appears to be a petty criminal is able to breach security at federal facilities due to identity theft.  Protect your identity by monitoring your credit report at least once a year by exercising your right to free credit reports from each of the major credit reporting agencies and jealously guard your Social Security number which is the key to identity theft.  Also, make sure that you check your annual statement of benefits provided to everyone by the Social Security Administration whether you are receiving benefits or not.