Personal information including customer names, email addresses, phone numbers, mailing addresses scrambled passwords and the last four digits of credit card numbers of 8 million users of the  meal delivery service Home Chef were recently discovered to have been made available to cybercriminals on the Dark Web.  The Dark Web is a part of the Internet where cybercriminals buy and sell goods and services.  Cybercriminals often use the information gathered in data breaches such as this to form the basis of scams that start with spear phishing emails which are phishing emails specifically tailored with information about you and your interests.  The last four digits of credit card numbers could present particular danger of scammers creating phishing emails that appear to come from your credit card company that would contain the last four digits of your credit card number and your name which would make the phishing email very convincing. These spear phishing emails will attempt to lure you into either providing personal information that can be used to make you a victim of identity theft or to click on links containing harmful malware. You should always be skeptical of any email asking for personal information or prompting you to click on a link. Never provide such information or click on links until you have confirmed that the email is legitimate.


This data breach is another reminder that you should have unique usernames and  strong passwords for each of your online accounts so that in the event that there is a data breach and the password for one of your accounts becomes compromised, all of your accounts will not become vulnerable to being hacked.  Creating and remembering strong, unique passwords for each of your accounts is not as difficult as it may appear.  You can start with a strong base password constructed from a phrase, such as IDon’tLikePasswords. Add a few symbols like !!! and then adapt it for each account you have so that you will have a secure and easy to remember password for each of your online accounts.   Thus, your Amazon password could be IDon’tLikePasswords!!!AMA.

Also, whenever possible use dual factor authentication for your accounts so that when you attempt to log in, a one-time code will be sent to your cell phone to insert in order to get access to your account.  For convenience sake you can set up dual factor authentication so that it is only required if you are logging in from a different computer or device than you normally use.

In addition, if you have not frozen your credit reports, this would be a good time to do so.

To get the maximum protection from identity theft, it is important to freeze your credit at each of the three major credit reporting agencies. Here are links to each of them with instructions about how to get a credit freeze:

Once you have frozen your credit, be sure to keep the PIN and information on how to unfreeze your credit report in a safe place.

I also urge you to regularly go to the website where you can insert your email address and find what data breaches may have compromised your information.

For those of you receiving the Scam of the day through an email, I just want to remind you that if you want to see the ever increasing list of Coronavirus scams go to the first page of the website and click on the tab at the top of the page that indicates “Coronavirus Scams.”

If you are not a subscriber to and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of and click on the tab that states “Sign up for this blog.”