Posts

What Happens if Your Social Security Number Gets Stolen?

It might be surprising to know that when Social Security numbers were first given out in the 1930s, that they were not used as a form of identification. However, whether you know it or not, most of us use our SSN every day, from visiting our doctor’s office to doing banking transactions. Your Social Security number is likely being accessed by humans and computers on a daily basis.

Social Security numberYour Social Security number is a form of verification, authentication, and it is even used as a password. Simply having it, simply knowing it, and entering it, verifies and authenticates its holder. However, it shouldn’t be like that at all.

You need your Social Security number to apply for a job, to open credit cards, and even to get married. Since we use this number so often, you might be wondering what happens if it gets stolen. Here’s what you should do:

Fraud Alert – The first thing to do is to get in contact with one of the three major credit bureaus. That one bureau then contacts the other two bureaus. You must put a fraud alert on your report. When you do this, a creditor or lender hopefully will use much stricter guidelines when they get a credit application. Keep in mind that these alerts only last for 365 days, but you can get an extension. Also keep in mind that this is not a full proof plan, the lender may not enable these stricter guidelines at all.

Credit Freezes – You should also consider freezing your credit. When this happens, you cannot use your credit to refinance or open a new line of credit until you go through the unfreezing process. Keep your credit frozen, and then unthaw it when you need it. Getting a credit freeze is a pretty simple process, it does require a bit of effort and organization, however it is a great way to protect your identity from new account fraud, we will discuss this in more detail and future posts.

Get ID Theft Protection – You should also think about getting ID theft protection. This can be an investment for some, but it also ensures that there is someone monitoring your credit 24/7. Identity theft protection services don’t actually protect you from much in the way of new account fraud, account take over, credit card fraud, criminal identity theft, tax related identity theft, medical related identity theft, but nothing else does either. However, what identity theft protection service does do is monitor your credit and there is an insurance component that kicks in and activates “identity theft expert restoration agents” that fix stolen identities. These people can get you back on track quickly if your identity is stolen.

Keep an Eye on Your Credit – If around 90 days have passed, and you don’t see anything weird on your credit report, don’t think that this automatically mean you are safe. A thief can use your info in other ways, too, so keep an eye on your credit report. Also keep in mind that your Social Security number can be used by a thief in perpetuity or until about six months after your perish. You can get a free copy online at AnnualCreditReport.com.

Be Cautious When Online – Finally, it is important that you make sure that you are using caution when online. Cybercriminal know every trick in the book, and people fall for them all of the time. Here are some things to remember:

  • Do not click on any email links. This is true even if it is from someone you know. Unless you are expecting it, do not click on anything in an email.
  • Do not open any email that is found in your spam folder.
  • Do not open emails that have sensational or exaggerated subject lines.
  • If you have the choice to use two-factor authentication, you should do it.
  • Have a firewall, an antivirus program, and anti-malware software.
  • Create a unique password for each account you have. Make sure that they are hard to guess, and don’t let them contain information like your name, pet’s name, etc.
  • Use a password manager.
  • Shred all of your documents that contain personal information before you put them into your garbage.
  • Don’t give your Social Security number out to anyone unless it is a total necessity.

Remember, if your credit is frozen and if you have identity theft protection combined, you have “multiple layers of security” and you can give your Social Security number out without much of a worry.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

Protect Your Identity From Thieves

There are tried and true ways to protect yourself from identity theft—ways that you may not have even considered.

Evaluate your passwords. Does every online account have a different password or are you using the same one for multiple accounts? Fix this problem immediately by investing in a password manager software. Avoid using actual words or names, or keyboard sequences. Password managers facilitate the password creation process.

Never post anything personal on social media.This includes your pet’s name, name of your kids’ school or teacher, where you’re going on vacation, the town your parents live in, etc.

Ignore e-mails whose senders you don’t know. Never click links in e-mails or open attachments you’re not expecting.

Set your phone up with a password. If it’s lost or stolen, you’ll have no worries.

Shred everything. All your credit card offers, medical records and other personal information before tossing.

Never give it out your Social Security number unless it’s absolutely mandatory like a credit application. However, just because someone says they can’t process your request without your SSN doesn’t mean you must hand it over. The objective is to minimize how much your SSN is “out there.”

Request your free credit report every year from the three major credit reporting bureaus. Refute unauthorized accounts immediately.

Inspect your statements such as credit card and banking statements every month for suspicious activity.

Use a locking mailbox or have your mail delivered to the post office and pick up.

Stop mail delivery when taking long trips.

Get a credit freeze. This is a no brainer to protect you from new account fraud.

Invest in identity theft protection. There is no cure for identity theft. But with a protection plan in place, the restoration component will fix most of what goes wrong.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program and the home security expert for Porch.com

It’s Tax Time: Play it Safe or Lose Your Identity

Once again, tax time has rolled around, and though you technically have until April 15th, it’s always best to file a bit earlier…especially if you want to avoid setting yourself up for ID theft.

How Could Filing Taxes Compromise Your Identity?

Here’s how you could become a victim of ID theft just by filing your taxes: the first method is that a thief uses your Social Security number to file taxes, and then they steal your refund. The second method that they use is they take your Social Security number, get a job while using your Social Security number, and then their employer reports that income to the IRS. When that happens, the IRS gets your return, flags it as suspicious, and you could get a big tax bill in the process.

Of course, in either case, you could face some big problems. You could, for instance, be unable to file your own tax return or collect your refund…at least for a while until the IRS sorts it out. You also might find that the thief has used your Social Security number to get credit cards, loans, or other cash that will wreck your credit.

How do Thieves Get Your Information?

The big question here is this: how do the ID thieves get your Social Security number in the first place? Generally, they do it by hacking. For instance, do you remember the Equifax hack from 2017? Millions of people were affected, and you, too, could have been involved in that. It’s possible that thieves could get your Social Security info from hacks just like this one.

What to Do if You are a Victim

If you learn that you are a victim of tax ID theft, there are some things that you can do.

  • Fill out Letter 5071C – This is a form that the IRS sends if it feels like your tax return is suspicious.
  • Fill out Form 14039 – This form alerts the IRS that you believe you are a victim or potential victim of tax ID or regular ID theft.
  • Get an Identity Protection PIN – This is a number that the IRS can give you to confirm your identity on any future returns.
  • Report to the Federal Trade Commission – You should also file a report at IdentityTheft.gov to alert the FTC of the situation.
  • Contact your state’s tax office – Also, make sure to contact the tax office in your state. It might have other recommendations for you.

If you have tried to e-file and get a rejection, you should still file a paper return via mail. Also, call the IRS Identity Protection Unit for help. An agent can get you started on taking care of the issue and make sure your taxes are filed appropriately.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.

Your Uber Driver May be a Criminal

Do you Uber? If you do, you probably feel pretty safe getting into the car of a stranger. However, you might not be as safe as you think.

Most people take for granted that Uber does background checks on its drivers, but there are actually a number of shady drivers who have recently been accused of crime, and it’s definitely not the first time they have had run ins with law enforcement. Some of these people are accused of committing crimes against their passengers, and that’s where things really get scary.

CNN recently took a look at both Uber and Lyft and found that both companies approved hiring thousands of drivers who have criminal records. Uber responded to this report by saying it knows that there were some hiring mistakes in the past, but they have improved the way they hire, and in 2017, rejected more than 200,000 people because of issues on the background check. However, both companies are not keen to adopt more scrutiny in the screening process.

Several state and local law enforcement agencies are pushing the companies to put more focus on potential drivers. Right now, for instance, they don’t do any fingerprinting nor federal background checks. Instead, both Uber and Lyft use a third-party background check company. It uses the name and Social Security number of potential drivers to check the national sex offender database, local court records, and suspected terrorist databases. The goal is to get drivers on the road as soon as possible, and many of these checks are instant.

Currently, there are 43 states that require screening for rideshare services, but these laws don’t say that the companies have to use a specific company or screen in a certain way. Instead, 42 of these states allow rideshare companies to take responsibility for the screening. Only Massachusetts requires a company background check and an additional check, which is done by the state. Only New York City requires rideshare drivers to have fingerprinting done.

It’s also worth mentioning that just because a company does background checks that include fingerprinting, it isn’t always fool proof. The FBI system that is used for this has incomplete records and it is not meant to be used in this way.

As someone who uses Uber, it’s important that you keep all of this on the back of your mind before you take your next ride. Yes, there is some type of background check done, but don’t let that fool you; your Uber driver could still be a criminal.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.

Two Common Government Employee Impersonation Scams: What to Watch For

One of the biggest threats that taxpayers are facing these days is an aggressive scam where criminals call victims and pretend to be IRS agents. The goal? To steal money.

All year but especially during tax filing season, the IRS will see a big surge in the number of scam calls, which tell victims that they will be arrested, deported, or have their driver’s license revoked if they don’t pay a fake tax bill.

How the Scams Work

These scammers make calls to people and claim to be from the IRS. They inform the victim that they have an unpaid tax bill, that must be paid immediately, either through a prepaid debit card or wire transfer. To make this sound even more legitimate, the scammers might also send a phishing email or make robo-calls to the victims.

To get the victims to pay, and to pay quickly, they make threats, as mentioned above. On top of this, they also can alter the number they are calling from through caller ID spoofing services to make it look like the IRS is actually calling. The scammers also will use badge number and IRS titles to make themselves sound more official.

The IRS is onto these scams, of course, and it has released information to remind taxpayers to be aware of them. For instance, a report from the Treasury Inspector General for Tax Administration, TIGTA, states that there are more than 12,000 people who have paid more than $63 million due to these phone scams over the past few years.

Recognizing an IRS Scam

There are certain things that the IRS will never do, so if you see any of these things, or you are asked to them, you can be sure that it’s a scam.

The IRS will NEVER:

  • Threaten to bring in local police for not paying your tax bill
  • Ask you to pay via a gift card or wire transfer
  • Demand that taxes are paid without question or the opportunity to appeal
  • Ask for debit or credit card numbers over the phone
  • Call about an unexpected refund
  • Call to collect money without first sending a tax bill

If you get a call from the “IRS” asking for any of this, hang up.

There are Social Security Administration Scams Out There, Too

The IRS is not the only government agency plagued by scams. People are also getting scammed by people claiming to be from the Social Security Administration, or SSA. The goal here is to try to get your Social Security number.

Basically, someone will call you and claim to be from the SSA in an attempt to collect your personal information, including your Social Security number. If you get a call like this, you should definitely not engage with the caller, nor should you give them any money or personal information.

One of the ways that scammers are so good at getting this information is that they try to trick their victims by saying their Social Security number has been suspended due to suspicious activity, or that it has been connected to a crime. They will ask the victim to confirm their SSN in order to reactivate it.

Sometimes, they might even go further with this and tell the victim that their bank account is about to be seized, but they can keep the money safe…by putting it on a gift card, and then sending the code to the scammer.

You might wonder why people fall for this, but it really is easy for these scammers to change their phone number to show the same number as the SSA on caller ID. But this is a fake number…it’s not really the Social Security Administration.

There is also the fact that the scammers will say that someone has used your personal Social Security number to apply for a credit card, and because of this, you could lose your Social Security benefits. They also might say that your bank account is close to being seized, and you must withdraw your money or wire it to a “safe account,” which is, of course, the account of the scammer.

Here’s some of the details about these scams that you need to know:

  • Your Social Security number won’t be suspended. You never have to verify your number to the SSA, either and the agency can’t just seize your bank account.
  • The SSA will never call you about taking your benefits or tell you that you must wire money to them. If you are asked for money from the SSA, it is a scam.
  • The SSA’s number is 1-800-772-1213, but scammers are using this to appear on caller ID. So, it looks legitimate. So, if you get a call from this number, hang up and call it back. This way, you can be sure you are talking about the SSA and get the information you need…or find out that someone was trying to scam you.

Do not give your Social Security number to anyone over the phone or via email…also, don’t give your credit card number or bank account number to anyone over the phone or via email.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Facebook Wants my Social Security Number!

WTH Facebook? Generally,  I don’t have a problem giving out my SSN. That might seem contrary to the advice I give, but frankly, our SSNs are everywhere and if my insurance company needs it, I’ll generally just question them on it, maybe resist a bit, and if they insist, and I need that insurance policy, I’ll cough it up.

facebook security

My identity in regards to “new account fraud” is protected via a credit freeze and I also have identity theft protection in place. So between the two, I’m pretty locked down. This is the advice I give everyone. So I’m generally not alarmed or concerned when asked for my SSN.

BUT, today friggin Facebook asked for it and of all the company’s or government agency’s on the planet to ask for this level of personal identifying sensitive information, Facebook is the world’s single most notorious abuser of privacy in the history of the world.

There have been countless breaches and privacy issues with Facebook and this is so over the top I can’t even believe they have the nuts to ask for a copy of my Social Security card.

Here’s how it played out….An email came in from Facebook subject line “Your sales are on hold”  with the message:

Hi Robert Siciliano: Security Awareness Fraud & Personal Security Expert,

When Robert Siciliano: Security Awareness Fraud & Personal Security Expert’s shop was set up, Robert Siciliano’s information was entered. To help keep Facebook secure, we need to confirm the identity of people representing a business on Facebook or Instagram.

Your sales have been temporarily put on hold until we can confirm Robert’s information. This is a standard process and should only take a few minutes to complete.

Once you confirm Robert’s information, you’ll be able to receive payments again.

Thanks,
The Facebook Team

WTH?!! OK, sure. So I sell my books on my Facebook page and e-commerce is involved. There’s a tax thing going on here. But they aren’t asking for my EIN or are engaging me in a formal process to vet my viability as a tax payer. They are asking for a copy of my SSN in the form of a scan to “verify” me!

I clicked a link on Facebook to see where this debacle would take me and see here:

So I clicked “Contact Us” to voice my frustration and my response was:

And I’ll repeat: “Screw off. I’m not sending Facebook a copy of my SSN card. WTH is wrong with you? What are my other options?

Stay tuned for how this BS turns out.

To be continued. Robert.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

New Phone Scam Scares with Social Security Sham

We all get scam phone calls, but the newest one is meant to scare. When you pick up the phone, you get a message that your Social Security number is suspended due to suspicious activity, and then prompts the victim to speak with an agent to get help.

The FTC makes something very clear: your Social Security number cannot be suspended for any reason, so any call that states your SSN is under suspension is a scam. What they are really trying to do is to trick you into giving them your actual Social Security number along with information such as your birthday and bank account number. 

This scam is just a tricky variation of a scammer’s trick that often works. In this case, they are trying to scare you first, and then offer to help…but in reality, these scammers are trying to steal your information.

Remember These Social Security Facts

If you get a call about your Social Security number, you should remember the following:

  • The Social Security Administration only calls from one number: 800-772-1213.
  • A Social Security Number cannot ever be suspended.
  • The Social Security Administration won’t ever threaten an arrest.
  • You will probably NEVER get a call from the SSA.

Also, of course, remember this: NEVER give your SSN to someone who contacts you that you don’t know.

The Scam

There are a few variations of this scam. The first is that they call and say that your SSN is suspended due to suspicious activity. They then say, if you want to know more about the case, press 1. When you do, of course, you are connected to an agent who is trained to get your information.

Another variation of this scam is a bit more aggressive. In this case, it states that law enforcement has suspended your Social Security number because of suspicious activity. You are advised to call a toll-free number immediately and verify your SSN. The scam also claims that if you do not call the number, an arrest warrant will be issued, and you, of course, would be arrested. Though not everyone will get one of these calls, if you do, you should definitely pay attention. Again, the SSA would never suspend a Social Security number, nor would it threaten to arrest you. It’s also good practice to never give you SSN to anyone who asks for it over the phone. Instead, hang up and go on with your day.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

How to Protect You Frequent Flier Miles NOW

Social Security numbers and credit card numbers are not the only types of data that hackers are after. Now, they are looking at frequent flyer accounts, and they are stealing reward miles, and then selling them online.

How do Hackers Steal Frequent Flyer Miles?

As with other types of ID theft, hackers use info that they have illegally obtained to access frequent flyer accounts. With more data breaches happening than ever before, hundreds of millions of records are exposed, and thus, hackers have great access to the personal info they need to get into these accounts.

What do Hackers Do with Frequent Flyer Miles?

It is hard for hackers to use these miles on their own because often, the travel has to be booked in the name of the owner. However, it is very easy to transfer these miles to other accounts or to use the miles to purchase other rewards. Usually, no ID is needed for a transfer like this. This is also difficult to track because hackers use the dark web and VPNs to remain anonymous.

Hackers also sell these miles, and they catch a pretty penny. For airlines like British Airways, Virgin Atlantic, and Delta, they can get hundreds, or even thousands of dollars for their work.

In addition to transferring these miles from one account to another, hackers are also selling the account’s login information. Once someone buys this, they can now get into the owner’s account and do what they want with the miles.

Protecting Your Frequent Flyer Miles

There are some things that you can do to protect your frequent flyer miles. You should check your frequent flyer accounts regularly using your airlines mobile app. Change all your airline passwords and never re-use passwords and set up a different password for each account.

Other things that you can do include the following:

  • Protect your personal information by making sure every online account has a unique and difficult to guess password.
  • Use a dark web scan. This will show you if any personal information is out on the dark web.
  • If you do find that your miles have been stolen, it also is probable that your personal information has been compromised, too. Monitor your credit report and check it often for anything that looks odd. This is a big sign of an issue.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Beware of the Social Security Administration Employee Scam

There is a new Social Security scam in the news, and you should definitely know about it. The Acting Inspector General of Social Security, released a statement that warns people of this new scheme. Basically, scammers are impersonating Social Security Administration employees.

The scam started out fairly small and localized, but now, people from across the country are reporting that they are getting calls from people stating that they are from the Social Security Administration. The caller attempts to get personal information from the person they call including address and banking information.

Here’s How the Scam Works

Almost all of these calls are coming from a 323 area code, but don’t think for a second they won’t change this up. The caller says that they are an SSA employee, and sometimes tells the victim that they are getting a cost of living adjustment, so their benefits will be higher. Many callers believe this, of course, so when the scammer asks them to verify things such as their name, their birthday, their Social Security number, and even the name of their parents, they gladly do it to get an increase in their benefits. Once the scammer gets the information, they then contact the SSA and change the victim’s account information so that the benefits now go into a different account. Then, they can collect the cash.

Currently, the Social Security administration does contact people by phone in certain cases. However, the person usually knows that they should be expecting a call. It is also possible that an SSA employee might ask a person to verify information. So, none of this really seems unusual to anyone who has dealt with the SSA.

What to Do if You Get a Call

Hang up. Plain and simple. If you get a call from the Social Security Administration, you should report it immediately to 1-800-269-0271. You can also report it online.

It is also very important to be cautious, and you should avoid giving any information, such as your bank account number or Social Security number, to anyone who calls you. To check if it is a legitimate call from the SSA, tell the person calling that you are worried about scams, and ask if you can call them back. A legitimate SSA employee should be perfectly fine with this. Then, look up the number yourself. Don’t call a number that they give, no matter what. Finally, you can also contact the Social Security Administration at 1-800-772-1213 if you have any question about any text, letter, email, or call that you get.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

A “Credit Profile Number” is a fake SSN, and it Works

Cyber criminals are constantly trying to stay one step ahead of the good guys, and there is now another scam out there that you should know about: synthetic identity theft. Basically, the criminals take information from someone, and then make up the rest. They also often use fake Social Security numbers, called CPNs, or “credit profile numbers,” or names.

This type of identity theft shows us that our credit system is more vulnerable than we might think. Basically, it is easy to create a credit file on these identities, and once they have that, they can get a credit card or loan.

Of course, using a CPN like this on an application for credit card or loan is illegal, but lenders currently don’t have a conclusive way of distinguishing a real Social Security number from one of these fake ones. The Social Security Administration generates SSNs randomly. This makes it difficult for a lender to notice a fake one. Technically, a lender can contact the SSA and cross-check, but most of them don’t. Why? Because the SSA requires a handwritten signature from the person who has that SSN, and this is a pain in the neck for lenders.

So, of course, the best thing to do is to create a way for lenders to instantly check to see if a Social Security number is valid or not, and as of now, they do not have the capacity to do this. Lenders do, however, use their own fraud-detection tools, but these requests for credit still fall through the cracks.

This practice also has created more open windows for fraudsters, because they know that the system is vulnerable. It’s true that many lenders won’t accept a credit application from someone with no history of borrowing, which is the case with a CPN, but some still do, and the more activity the file sees, the more likely it is that credit will be given. Once credit is approved, a full credit report is created. Though it likely won’t be a high amount of credit, many lenders take a chance on new borrowers, and at a minimum, extend a couple of hundred dollars. Some people will even get a card that has, say a $300 limit, and use the card for a time. Once they establish a good payment history, they can get a credit increase, and that’s where the fun really begins.

This is just one more scam that you should be aware of, and one more reason to keep your private and personal information safe.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.