Kentucky Attorney General Andy Beshear is warning citizens about a Social Security related scam that I first warned you about in September of 2018.  Scammers are calling people on the phone posing as employees of the Social Security Administration and telling their intended victims that their Social Security numbers have been suspended due to the number being used by criminals for fraudulent purposes. They then ask you to confirm personal information including your Social Security number in order to correct the problem and to enable lifting of the suspension of the victims’ Social Security numbers as well as to avoid arrest. This is a scam intended to lure people into providing personal information including their Social Security number which will then be used for purposes of identity theft.

First and foremost, it is important to know that Social Security numbers are never suspended so right away you can be sure that a call informing you that your Social Security number has been suspended is a scam. The calls, however, can be very convincing and by using a technique called “spoofing” the call can manipulate your Caller ID into making it appear as if the call is coming from the Social Security Administration. Additionally, the Social Security Administration will not call you by phone if there is a problem with your Social Security. they will initiate contact by old fashioned snail mail.

TIPS

As I often have cautioned you, you can never be sure who is calling you when you receive a phone call and therefore should never give out personal information when you are asked in a phone call. If you believe the call is legitimate, you should hang up and call back the company or agency at a number that you know is accurate in order to ascertain whether or not (usually not) the call was legitimate.

In addition, the Social Security Administration (SSA) has a helpful online service called My Social Security Account which allows you to set up a personal online account with the SSA that enables you to view your earnings history and estimates of benefits as well as manage your benefits online including changing your address or starting or changing direct electronic deposits of your check into a bank account you may designate.  This is a tremendously convenient service, but it also provides a great opportunity for scammers who have been setting up My Social Security Accounts on behalf of seniors who have not already set up such accounts for themselves.  The scammers then make changes to the victim’s account by directing their benefits checks to be sent to bank accounts controlled by the scammers.  Even though  the Social Security Administration requires verification of personal information by asking questions that only the Social Security recipient should know as part of the process for opening a My Social Security Account, too often this information is available to a determined identity thief who is thereby able to fraudulently open an account in the name of their intended victim.

In order to improve the security of the accounts, the SSA is now requiring people to use dual factor authentication to access their accounts once they have been set up.   At the user’s option, the dual factor authentication is done by the SSA sending a one time code either to the user’s email or cell phone. Using an email address for dual factor authentication may prove to be problematic because it is not particularly difficult for a sophisticated hacker to gain access to someone’s email account.

Just as the best defense against income tax identity theft is to file your income tax return before an identity thief attempts does so in your name, so the best defense against the fraudulent setting up of a My Social Security Account in your name is for you to set one up first and protect its safety with a strong username and password. For information about signing up for a My Social Security Account go to https://ssa.gov/myaccount/

You can also require that any changes to the bank account into which your check is electronically deposited only be done at a Social Security branch office and not on your online account.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”