Tag Archives: Identity Theft

Fraudulent Customer Service Phone Numbers

By now you’ve probably heard about Tech Support Scams, where someone calls you out of the blue and tries to convince you that your computer is infected with a virus, that they have somehow detected it remotely, and that the only way to fix the problem is to hand over money, control of your computer, or both.

It’s one of those scams that can easily be avoided with the question, “Who initiated contact?” If they called you, it’s fraudulent.

But what about when you’re the one initiating contact?

When you need customer service from a large company like Amazon, Facebook or Netflix, it’s important to make sure you’re getting their contact information from a trustworthy source. Internet searches might lead you to a correct number, but the internet is also brimming with hundreds of examples of fraudulent customer service numbers, posted by criminals in hopes that you will call them instead of the legitimate phone number.

What happens if you call a fraudulent number? They may try to get your password information to take over your account and lock you out, they may ask you to reveal credit card or other financial account information, or they may take over your computer (with your help) and install malicious software or commit other crimes.

If you need to contact customer service, make sure you’re getting your information from a reliable source. Don’t trust phone numbers that appear in online forums. If you notice zeros replaced with the letter “O” (1-8OO instead of 1-800, for example), that’s a sure sign of a fraudulent phone number.

With some companies, Facebook being the most prominent example, there simply is no phone number you can call. Any problems have to be resolved using online tools. Every single phone number you see listed on the internet as a Facebook customer service line is false information.

The best way to find customer service contact information is to go directly to the company’s website and look for links like “Help” or “Contact Us.” Sometimes there will be options for help via email or chat and no option for telephone contact, other times the phone number will be front and center. It depends on the company you’re dealing with. In any case, to avoid a massive headache and potential losses to fraud, always make sure you’re getting the number from the official source before you even pick up the phone.

How to Freeze Your Credit

The recent Equifax data breach exposed the personal identifying information of at least 143 million U.S. consumers, which has led to a wider interest in placing a “security freeze” on credit reports (a.k.a. “freezing your credit”).

A security freeze prevents new credit accounts from being opened using your personal information, unless you lift the freeze in advance of applying for credit. This is accomplished using a PIN that either you or the credit bureaus create when placing the original freeze. This means that a freeze can stop an identity thief from creating new lines of credit, even if they already have all of your information.

A credit freeze is an important tool in preventing one type of identity theft, but does not prevent existing accounts from being accessed with stolen credentials, fraudulent credit or debit card transactions, employment or medical identity theft, or the filing of fraudulent tax returns. In other words, even after you place a security freeze, you still have to remain aware of the risks of identity theft.

There are three major credit bureaus and one minor. Here is where to go for each one, as well as some notes (information is accurate as of 10/2/2017, but websites may be updated in the future):

TransUnion: https://www.transunion.com/credit-freeze/place-credit-freeze2

Notes: use the “Click to initiate freeze process” link (last item under the “How Do I Decide What to Do?” table). Note that a “lock” is different from a freeze; what you want is a freeze. TransUnion requires you to create an account with a password, then you can place the freeze and create your PIN. To temporarily lift the freeze, log in at https://freeze.transunion.com.

Experian: http://experian.com/freeze

Notes: Experian is probably the easiest of the four to use, with the “Add a security freeze” option prominently displayed. You can create your own PIN, or have the site generate one for you. You can also choose whether to print your receipt or have it emailed to you. Double-check that your email address is correct if you choose this option! Visit the same site to temporarily lift the freeze.

Equifax: https://www.freeze.equifax.com

Notes: creates a “one-time PDF” which contains your PIN (the site generates it for you). Make sure you’ve got a PDF reader installed beforehand so you can view the file (Adobe and Foxit are popular free choices). Visit the same site to lift a freeze.

Innovis: https://www.innovis.com/personal/securityFreeze

Notes: Innovis sends your PIN via postal mail around 10 business days after you place the freeze. To lift the freeze, visit the same website and follow the instructions.

Prevent tax identity theft with an Identity Protection PIN

UPDATE 3/8/16: Or don’t get a PIN. According to KrebsOnSecurity.com, and as seen on the IRS site linked below, there have been some major security issues with the Identity Protection PIN system, and for now the service has been suspended. Once again, it took identity thieves around four seconds to figure out how to abuse a feature designed to protect your personal information and prevent tax return fraud.

I’ve written plenty of times about not opening emails that appear to come from the IRS (because of malware and/or phishing), but there is another type of crime that ramps up during tax season: tax identity theft.

Basically, it works like this: an identity thief already has your information, files a fake tax return in your name (from which a large refund will be due), then has the money directly deposited into an account controlled by the thief.

Most people’s first warning sign is when the IRS rejects their actual tax return because, according to their records, they already submitted one.

One step you can take to prevent this form of identity theft is to get an Identity Protection PIN from the IRS. You’ll have to use this PIN any time you file taxes (it’s not the same as your e-file signature PIN). The IRS will send you a new one every December or early January. Once you’re signed up, you’ll have to use a PIN every year to file your taxes, and you can’t opt out.

I can’t find any information about how long it actually takes to get your PIN from the IRS. If you’re ready to file your taxes now, or if April 15th is approaching (depending on when you read this), it might be better to wait until after you’ve filed this year’s return.

For more information, and to request a PIN, visit the official IRS page at https://www.irs.gov/Individuals/Get-An-Identity-Protection-PIN

Security freeze information for Indiana residents

The Indiana Attorney General’s office has information about security freezes, which are free for residents of Indiana (and some other states—you’ll have to check your own state’s laws if you don’t live here).

You can download the information here, or visit the Indiana Consumer website. I’ll put a link on the Fraud Prevention Resources page as well.

A security freeze (or credit freeze) prevents new lines of credit from being opened in your name, even if an identity thief has your Social Security number and other information, by adding an extra step to the credit application process.

Anthem Data Breach: Let the scams begin

News of the massive data breach at insurance giant Anthem Inc. isn’t even a week old, and already the phishing scams have begun.

Phone calls and emails are already circulating that claim to represent Anthem and offer free identity theft protection to victims of the breach. These calls and emails are not from Anthem, but scammers attempting to obtain personal and financial information.

Anthem has stated that they will contact customers affected by the breach by mail over the next couple weeks.

That means postal mail, friends. The kind that’s on paper and comes in an envelope, delivered by that person your dog completely freaks out at six time a week. The letters will give you information on identity theft protection, as well as the next steps you should take.

If someone calls you on the telephone, they’re not from Anthem.

If you get an email message, it’s not from Anthem.

If you get a text message, that’s not from Anthem, either.

If some weirdo shows up at your door, they’re not from Anthem.

Okay, I don’t really think that last one is going to happen, but you never know. I’m trying to me preemptive, here.

Watch your mailbox if you’re a former or current Anthem (or Wellpoint) customer. The old-school mailbox. Any other communications that claim to be from Anthem are fraudulent.

You can also get information online here.

Data breach at Anthem, and it’s a bad one

Yesterday, health insurance leviathan Anthem Inc. announced that its databases had been hacked, and “tens of millions” of current and past customers (including Wellpoint customers, Anthem’s predecessor) could be affected.

This one is much worse than any of the major retail breaches you’ve heard about, because this time the hackers took names, Social Security numbers, dates of birth and addresses.  In other words, this means identity theft.

The retail breaches were irritating, sure. Your debit card might suddenly stop working, or you’d notice a fraudulent charge on your statement and you’d have to wait a few days to get that reversed. The stores would sign you up for free identity theft protection, which didn’t really help because it doesn’t block fraud on card transactions anyway. But you’d end up with a new debit or credit card.

The thieves in the Anthem breach didn’t get any credit card, debit card or account numbers, but the information they did take is exactly the information required to create false identities.

This could be much worse than not being able to use one of your cards for a couple weeks.

Anthem says it will notify affected customers by mail if their information was one of the affected accounts. When they offer free identity theft protection, this will be the time to take them up on it.

If you get a letter saying yours was one of the affected accounts, I would also recommend placing an identity theft alert or security freeze with the big three credit bureaus (Experian, Transunion, Equifax).

Maybe it’s time for “security freeze” to be the default setting for everyone, all the time. What happens after the single year of protection Anthem will (most likely) provide runs out? It’s not like the people who will end up buying this stolen data can’t just wait it out until after the protection expires. Maybe Anthem owes all of its customers free lifetime protection. Words like “very sophisticated external cyber attack” imply that the breach was unpreventable, but was it? We don’t know, and we might not ever.

At any rate, if you’re a current or former Anthem (or Wellpoint) customer, watch your mailbox for notification that your information has been compromised.

Sources:

File Under “Things That Were Just a Matter of Time.” New scams using Affordable Care Act to harvest personal information.

Okay, so if you live in these United States, you may have heard of a controversial little thing called the Affordable Care Act.

Yeah, okay, before you head to the bottom of the page to sound off, I’ve already turned comments off for this post. I’m not here to express my opinion of the legislation, and I’m not fielding others’, either. Our opinions are irrelevant for the moment. Besides, certain post topics generate TONS of bot-generated spam comments, and I have a hunch this might be one of them (you should’ve seen how many came in when I wrote about Açaí berry scams a few years ago…it was seriously ridiculous).

Here’s all we need to know, and it’s pretty easy to agree upon: The Affordable Care Act is a Thing That Exists. (That’s only a matter of opinion if you’re into really fabric-of-universe-level philosophical discussions.)

And, as a Thing That Exists, it was only a matter of time before someone started up a scam based upon it.

Lo and behold, the FTC is reporting exactly that. Scammers are calling potential victims to “verify” information. For example, “So I see here that your routing number is __________, is that correct? Okay, good, so now we just need your account number…”

Here’s the deal with the Affordable Care Act: if you’re one of the people who is going to need to use the exchanges to obtain insurance, you’re going to be the one contacting them. According to the FTC report, “If someone who claims to be from the government calls and asks for your personal information, hang up. It’s a scam. The government and legitimate organizations you do business with already have the information they need and will not ask you for it.”

That sums it up pretty nicely, both in this specific instance and as a general rule.

Make 2013 the year you take action against scams that target seniors

I know, you already made your New Year resolutions several weeks ago.

But I also know that you’re probably already using the treadmill as a clothes rack again, too, so it’s time to make some more.

This year, I am challenging you to take action against scams and identity theft that target older people.

Every year, seniors lose millions to scams that target them because crooks make certain assumptions:

  1. They’re wealthy
  2. They’re gullible
  3. They live alone
  4. They won’t tell anyone

And all too often, seniors who are victims of scams don’t tell their families, out of fear or shame. Too often, they do live without regular contact from their loved ones. That’s why it’s important to join in the fight against fraud.

Maybe it’s your parents or grandparents, aunts or uncles. Maybe it’s just a neighbor. Whoever you know, whoever you care about, talk to them. Tell them about the scams that target seniors—utility scams, the grandchild-in-jeopardy scam, the 419 scams, the phony investments (Iraqi Dinars), the fake sweepstakes calls, the work-at-home cons. You can find out more about these on this very site, and all over the Internet.

Visit more often this year. Have dinner together. Talk to them about life in general. Did they mention phone calls or letters that sound suspicious? You don’t have to pry or cajole—you don’t need to know every detail of their bank account, or try to convince them to add you as an authorized signer in most cases. But you need to talk more, be together more.

It’s important for other reasons, too, you know.

Can we all do that this year?

“Does this fit with the way the world works?”

I saw a video the other day that featured Michael Shermer, editor-in-chief of  Skeptic magazine, talking about questions you can use to evaluate claims when it comes to science vs. pseudo-science. With a nod to physicist Carl Sagan, he referred to the method as a “Baloney Detection Kit.”

The fourth question in the Kit was:

Does this fit with the way the world works?

In other words, does the claim being made jibe with how reality tends to operate across a variety of situations?

What an excellent question to keep in mind when it comes to avoiding scams.

As I perused my Google Alerts for the latest news items about different types of fraud, I found that a lot of them could be avoided by simply asking that very question before acting. Here are some examples:

From Connecticut: Scam Targets Payday Loan Borrowers

In this scheme, a caller claims to be collecting on a delinquent loan, and tells the victim they will be arrested unless they make a payment over the phone right away. Is this how the world works?

Not even close. First, lenders don’t have the authority to decide if you’ll be arrested or not. The police in the U.S. are not employed by private financial institutions. Sure, if you commit loan fraud, they can contact authorities, but being delinquent doesn’t usually fall under that umbrella. Debtors prisons went out quite a while ago in this country. Second, whatever the circumstance, they don’t call you and tell you about an impending arrest in advance. You generally only get to know about it two seconds before it happens.

From Arizona: New Scam Claims that President Obama will pay Consumers Utility Bills

So the President’s gonna pay your light bill for you, huh?

Just like Reagan and Nixon and Kennedy all did, huh?

And he’ll be over tonight at six for dinner, with a marble rye and Trivial Pursuit, right?

Folks, this is not how the world operates. Presidents don’t pay your utility bills. In most cases, that one’s all on you. Don’t fall for it. They want you to surrender information so they can commit identity theft.

From Everywhere: The Exiled Nigerian Prince Scam

I won’t go into details about these scams, since most of you probably already know about them (here’s an old article if you don’t), but suffice it to say they fail the “is this how the world operates?” question with flying colors. Rich people don’t just give massive amounts of money away to random strangers. It would be nice if they did, but wishing something were true doesn’t usually do much to change the facts.

From Everywhere Again: Secret Shopper Scams

Offers for jobs that pay lots of money for minute amounts of unskilled work don’t appear out of nowhere in your email inbox. People who make $150 for an hour’s worth of work have advanced knowledge, skills or education to make their time that valuable. Cashing a check then wiring the money to someone doesn’t meet those requirements. Also, finding a job usually requires you to take the initiative first.

From South Carolina: Charleston police warn elderly against ‘found money’ scam

I suppose it’s possible that someone could find a wallet or briefcase that contained a large sum of cash. It still seems more like something that would happen in a movie than real life, but wallets exist, cash exists, and people who lose things exist. There’s no physical barrier to someone finding a vessel of some sort, bursting at the seams with cabbage.

However, upon finding such an object, there is generally a binary, either-or course of action that will follow, depending on the person who found it:

Honest Person: they’ll call the police and turn it in.
Dishonest Person: they’ll keep it all and run away.

There’s really not a whole lot of variation here. That’s just how the world works.

What won’t happen is that an honest person will find the cash, then offer to split it with a random stranger. Their concern will be for the owner of the money, or for helping solve a crime (because, let’s face it, big wads of discarded money have a distinctly criminal aroma about them).

What also won’t happen is that a dishonest person will find cash, then offer to split it with a random stranger. Their concern will be for their own gains and their own gains only.

Neither of those fit with how the world works, so if anyone in a parking lot ever tells you they found a big stash of money, don’t believe a word they say. That cash is a decoy, and they’re trying to get you to part with a chunk of “good faith money.” Politely decline, get a description, go somewhere safe, and rat ’em out. You just might save someone else from becoming a victim.

Yet another $1,000 Walmart Gift Card scam

I’ve already covered how you’re not getting a $1,000 Walmart Gift Card just for liking a page on Facebook.

Now there’s a text message version of the scam that directs victims to a website that asks for personal information.

At this point, I think we can call out a general identity theft and scam prevention tip, one you can keep in the back of your mind for all time:

You’re probably never going to get a free $1,000 Walmart gift card, ever.

Read that, then read it again. Remember it for the rest of your life. It doesn’t matter which communication channel the alleged offer shows up through, it’s a scam.

Facebook or Twitter? Scam.

Email? Scam.

Text message? Same deal.

Phone call? You guessed it.

Pony Express? Scam, but you’d have to admire their dedication, if nothing else.

I suppose there might be a scenario in which you could win a gift card, such as a raffle at your church or other reputable organization. But you have to actively enter to be eligible for those. People don’t just contact you out of the blue to give away massive gift cards. It would be nice if they did, but wishing something is true does nothing to alter the cold, hard facts.