Posts

Protecting Your Social Security Number

Many people wonder if it is safe in certain situations to give out their Social Security number. We sure are asked for it a lot, but do you have to give it? When is it necessary? Here is some perspective:

One of the best rules you can live by is this: just because a person asks for your Social Security number, it doesn’t mean you have to give it. But also remember there are situations where you will not be provided various services unless you get it out.

You might feel that you have to, though, and freely give it. This could be a huge mistake, though. There are many times when you want to, though, and you should, but you have to do it with discretion.

Here’s the thing. Some of the people and organizations that ask for your Social Security number really have no business asking. Even when they ask for the last four digits of your SSN, don’t give that out, either, unless you know that the company already has it on file.

Really, when the IRS is involved, or other government agencies, or it is something financial that’s credit driven, such as getting a loan, you likely need to give out your Social Security number. In other cases, like applying for a job, you can tell a business you are not comfortable giving your number unless you are hired, and then they would need it for tax purposes.

I give out my Social Security number when required, with a little scrutiny, but in the end, I’m not worried about identity theft due to the fact that I have ID theft protection and a credit freeze which in most cases makes my Social Security number useless to a thief.

Tips to Protect Your Social Security Number

Here are some tips you can use to protect your Social Security number:

  • Don’t put your SSN on any written application or document. If your application is denied because of this, ask them if it’s really necessary, otherwise, give them your SSN.
  • Ask your bank if they absolutely require your SSN to verify your identity. There are other options they can use. But the Patriot Act might require it.
  • Consider extending your ID theft protection to include your children’s SSNs. Teach them to never give it out.
  • If you are at the doctor’s office, find out if you can use another number, such as the account number for your insurance.
  • Don’t send your SSN via email. If someone wants it, call them and give it to them verbally. Even then, don’t give the number out unless you know without a doubt that it’s legitimate.
  • You should get a statement from the Social Security Administration concerning your account each year. If your income is too high, someone else is probably using your number.
  • Don’t keep your Social Security card in your wallet. Instead, memorize the number and keep the card at home.
  • Don’t ever use your SSN as a password for anything.
  • If, for any reason, your SSN is in your PC, make sure the document is encrypted or password-protected.
  • Before you throw away any paperwork that has your SSN on it, black it out, and then shred the documents.

Really, all you have to do is have some common sense when it comes to your Social Security number. For instance, if you are applying for credit, it makes sense that they would need this. If you are getting a gym membership, unless they are granting a credit, they don’t need it.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

If Your Social Security Card is Stolen, This is What You Should Do

Back in the 1930s when Social Security numbers were first introduced, they were not meant to be used as we use them today. However, if you are like most people, you use your SS number constantly; it might be at the bank, the doctor’s office, or somewhere else. You need to use a SS number to get a job, to open a credit or bank account, and even to get married. Since we use this number so often, what happens if your card is stolen or lost? This is what to do:

Put a Fraud Alert on your Credit Report

First, you want to put a fraud alert on your credit report by contacting all three major credit bureaus. When you do this, lenders and creditors use very strict guidelines when they screen any application with your information on it. These alerts last for a year, but you can get an extension when that year has passed.

Freeze Your Credit

If you want to get even more secure, think about freezing your credit. When doing so, you cannot use your credit for things like refinancing or opening a new credit line until you lift the freeze, which is good, because neither can a criminal.

Consider ID Theft Protection

If you can afford a couple of hundred dollars a year, you should consider ID theft protection. This ensures that your credit is monitored 24/7 by a team of experts who can also help to restore your credit if someone steals it.

Watch Your Credit Report

Even if you freeze your credit or get a fraud alert, that doesn’t mean that you are all in the clear. Thieves can definitely steal your identity in alternative ways. So, it is very important that you watch your credit closely. You can get a free report online at AnnualCreditReport.com or with some identity theft protection plans you can get access to credit reports once a month.

Be Smart When Online

Finally, there are some tips and tricks out there that cybercriminals use that people fall for all of the time:

  • Don’t click on any link in email, even if you think it’s from someone you know. At least call them to see if the link is legit.
  • Don’t open emails that look sensational or have a subject with a sense of urgency.
  • Don’t go in and click around on emails in your spam folder.
  • If you can use two-factor authentication, do it.
  • Use an antivirus program on all of your computers.
  • Shred personal documents before you throw them out. This is especially the case if they have personal information like a Social Security number or account number.
  • Only use long-hard-to-guess passwords for all of your accounts.
  • Don’t give out your Social Security number unless it is totally necessary.

Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.

Have You Heard of a “Credit Profile Number?” It’s a Fake Social Security Number

Cyber criminals are always trying to keep one step ahead of the crowd, and now there is another scam that you should be aware of. It’s called “synthetic identity theft,” and it is when a bad guy takes some of a victim’s personal information, and then they make up the rest. These people also will use fake Social Security numbers, which are known as “credit profile numbers,” or CPN.

Thanks to this type of identity theft, however, we can see that our credit system is very vulnerable. Essentially, it tells us that it is very easy to create a credit file by using this information, and once they do, they can get a loan or credit card with the information of their victims.

Of course, this practice is illegal, but cyber criminals don’t care, and there is really no way of distinguishing a fake Social Security number from a real one. Social Security numbers are randomly generated, and it makes it very difficult for a lender to notice when a fake one comes in. Technically, these lenders could contact the Social Security Administration, SSA, but most of them don’t take that step. Why? Because the SSA requires a signature from the owner of the SSN, and lenders are too lazy to do this.

A better idea would be to create a way to allow lenders to check to see if a Social Security number is real, but as of now, without the lender making significant financial investments in additional fraud prevention technologies, this is not a possibility. Lenders do, however, have their own tools for fraud-detection, but these fakes still fall through the cracks way more often than they should.

This practice has also made the job of a fraudster easier because they know that this is a system that is very vulnerable. It’s simply a numbers game, the more synthetic identities or CPNs submitted in applications for credit, the more likely they are to get approved. It is true that most lenders don’t accept credit applications from people who don’t have a credit history, which would be the case of a “credit profile number, but some do, and the more often they try to apply for credit or a loan, the better the odds are that they will be successful. Though the lender probably won’t give the applicant a lot of credit, this number can rise the more often it is used.

If there is one takeaway here, it is that you should be aware of any and all scams that are targeting your finances and identity. Take steps now to keep your personal and private information safe.

At a minimum, get yourself a credit freeze and consider investing in identity protection services. These layers of protection make you a tougher target.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

Your Uber Driver May be a Criminal

Do you Uber? If you do, you probably feel pretty safe getting into the car of a stranger. However, you might not be as safe as you think.

Most people take for granted that Uber does background checks on its drivers, but there are actually a number of shady drivers who have recently been accused of crime, and it’s definitely not the first time they have had run ins with law enforcement. Some of these people are accused of committing crimes against their passengers, and that’s where things really get scary.

CNN recently took a look at both Uber and Lyft and found that both companies approved hiring thousands of drivers who have criminal records. Uber responded to this report by saying it knows that there were some hiring mistakes in the past, but they have improved the way they hire, and in 2017, rejected more than 200,000 people because of issues on the background check. However, both companies are not keen to adopt more scrutiny in the screening process.

Several state and local law enforcement agencies are pushing the companies to put more focus on potential drivers. Right now, for instance, they don’t do any fingerprinting nor federal background checks. Instead, both Uber and Lyft use a third-party background check company. It uses the name and Social Security number of potential drivers to check the national sex offender database, local court records, and suspected terrorist databases. The goal is to get drivers on the road as soon as possible, and many of these checks are instant.

Currently, there are 43 states that require screening for rideshare services, but these laws don’t say that the companies have to use a specific company or screen in a certain way. Instead, 42 of these states allow rideshare companies to take responsibility for the screening. Only Massachusetts requires a company background check and an additional check, which is done by the state. Only New York City requires rideshare drivers to have fingerprinting done.

It’s also worth mentioning that just because a company does background checks that include fingerprinting, it isn’t always fool proof. The FBI system that is used for this has incomplete records and it is not meant to be used in this way.

As someone who uses Uber, it’s important that you keep all of this on the back of your mind before you take your next ride. Yes, there is some type of background check done, but don’t let that fool you; your Uber driver could still be a criminal.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.

Two Common Government Employee Impersonation Scams: What to Watch For

One of the biggest threats that taxpayers are facing these days is an aggressive scam where criminals call victims and pretend to be IRS agents. The goal? To steal money.

All year but especially during tax filing season, the IRS will see a big surge in the number of scam calls, which tell victims that they will be arrested, deported, or have their driver’s license revoked if they don’t pay a fake tax bill.

How the Scams Work

These scammers make calls to people and claim to be from the IRS. They inform the victim that they have an unpaid tax bill, that must be paid immediately, either through a prepaid debit card or wire transfer. To make this sound even more legitimate, the scammers might also send a phishing email or make robo-calls to the victims.

To get the victims to pay, and to pay quickly, they make threats, as mentioned above. On top of this, they also can alter the number they are calling from through caller ID spoofing services to make it look like the IRS is actually calling. The scammers also will use badge number and IRS titles to make themselves sound more official.

The IRS is onto these scams, of course, and it has released information to remind taxpayers to be aware of them. For instance, a report from the Treasury Inspector General for Tax Administration, TIGTA, states that there are more than 12,000 people who have paid more than $63 million due to these phone scams over the past few years.

Recognizing an IRS Scam

There are certain things that the IRS will never do, so if you see any of these things, or you are asked to them, you can be sure that it’s a scam.

The IRS will NEVER:

  • Threaten to bring in local police for not paying your tax bill
  • Ask you to pay via a gift card or wire transfer
  • Demand that taxes are paid without question or the opportunity to appeal
  • Ask for debit or credit card numbers over the phone
  • Call about an unexpected refund
  • Call to collect money without first sending a tax bill

If you get a call from the “IRS” asking for any of this, hang up.

There are Social Security Administration Scams Out There, Too

The IRS is not the only government agency plagued by scams. People are also getting scammed by people claiming to be from the Social Security Administration, or SSA. The goal here is to try to get your Social Security number.

Basically, someone will call you and claim to be from the SSA in an attempt to collect your personal information, including your Social Security number. If you get a call like this, you should definitely not engage with the caller, nor should you give them any money or personal information.

One of the ways that scammers are so good at getting this information is that they try to trick their victims by saying their Social Security number has been suspended due to suspicious activity, or that it has been connected to a crime. They will ask the victim to confirm their SSN in order to reactivate it.

Sometimes, they might even go further with this and tell the victim that their bank account is about to be seized, but they can keep the money safe…by putting it on a gift card, and then sending the code to the scammer.

You might wonder why people fall for this, but it really is easy for these scammers to change their phone number to show the same number as the SSA on caller ID. But this is a fake number…it’s not really the Social Security Administration.

There is also the fact that the scammers will say that someone has used your personal Social Security number to apply for a credit card, and because of this, you could lose your Social Security benefits. They also might say that your bank account is close to being seized, and you must withdraw your money or wire it to a “safe account,” which is, of course, the account of the scammer.

Here’s some of the details about these scams that you need to know:

  • Your Social Security number won’t be suspended. You never have to verify your number to the SSA, either and the agency can’t just seize your bank account.
  • The SSA will never call you about taking your benefits or tell you that you must wire money to them. If you are asked for money from the SSA, it is a scam.
  • The SSA’s number is 1-800-772-1213, but scammers are using this to appear on caller ID. So, it looks legitimate. So, if you get a call from this number, hang up and call it back. This way, you can be sure you are talking about the SSA and get the information you need…or find out that someone was trying to scam you.

Do not give your Social Security number to anyone over the phone or via email…also, don’t give your credit card number or bank account number to anyone over the phone or via email.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Facebook Wants my Social Security Number!

WTH Facebook? Generally,  I don’t have a problem giving out my SSN. That might seem contrary to the advice I give, but frankly, our SSNs are everywhere and if my insurance company needs it, I’ll generally just question them on it, maybe resist a bit, and if they insist, and I need that insurance policy, I’ll cough it up.

facebook security

My identity in regards to “new account fraud” is protected via a credit freeze and I also have identity theft protection in place. So between the two, I’m pretty locked down. This is the advice I give everyone. So I’m generally not alarmed or concerned when asked for my SSN.

BUT, today friggin Facebook asked for it and of all the company’s or government agency’s on the planet to ask for this level of personal identifying sensitive information, Facebook is the world’s single most notorious abuser of privacy in the history of the world.

There have been countless breaches and privacy issues with Facebook and this is so over the top I can’t even believe they have the nuts to ask for a copy of my Social Security card.

Here’s how it played out….An email came in from Facebook subject line “Your sales are on hold”  with the message:

Hi Robert Siciliano: Security Awareness Fraud & Personal Security Expert,

When Robert Siciliano: Security Awareness Fraud & Personal Security Expert’s shop was set up, Robert Siciliano’s information was entered. To help keep Facebook secure, we need to confirm the identity of people representing a business on Facebook or Instagram.

Your sales have been temporarily put on hold until we can confirm Robert’s information. This is a standard process and should only take a few minutes to complete.

Once you confirm Robert’s information, you’ll be able to receive payments again.

Thanks,
The Facebook Team

WTH?!! OK, sure. So I sell my books on my Facebook page and e-commerce is involved. There’s a tax thing going on here. But they aren’t asking for my EIN or are engaging me in a formal process to vet my viability as a tax payer. They are asking for a copy of my SSN in the form of a scan to “verify” me!

I clicked a link on Facebook to see where this debacle would take me and see here:

So I clicked “Contact Us” to voice my frustration and my response was:

And I’ll repeat: “Screw off. I’m not sending Facebook a copy of my SSN card. WTH is wrong with you? What are my other options?

Stay tuned for how this BS turns out.

To be continued. Robert.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

New Phone Scam Scares with Social Security Sham

We all get scam phone calls, but the newest one is meant to scare. When you pick up the phone, you get a message that your Social Security number is suspended due to suspicious activity, and then prompts the victim to speak with an agent to get help.

The FTC makes something very clear: your Social Security number cannot be suspended for any reason, so any call that states your SSN is under suspension is a scam. What they are really trying to do is to trick you into giving them your actual Social Security number along with information such as your birthday and bank account number. 

This scam is just a tricky variation of a scammer’s trick that often works. In this case, they are trying to scare you first, and then offer to help…but in reality, these scammers are trying to steal your information.

Remember These Social Security Facts

If you get a call about your Social Security number, you should remember the following:

  • The Social Security Administration only calls from one number: 800-772-1213.
  • A Social Security Number cannot ever be suspended.
  • The Social Security Administration won’t ever threaten an arrest.
  • You will probably NEVER get a call from the SSA.

Also, of course, remember this: NEVER give your SSN to someone who contacts you that you don’t know.

The Scam

There are a few variations of this scam. The first is that they call and say that your SSN is suspended due to suspicious activity. They then say, if you want to know more about the case, press 1. When you do, of course, you are connected to an agent who is trained to get your information.

Another variation of this scam is a bit more aggressive. In this case, it states that law enforcement has suspended your Social Security number because of suspicious activity. You are advised to call a toll-free number immediately and verify your SSN. The scam also claims that if you do not call the number, an arrest warrant will be issued, and you, of course, would be arrested. Though not everyone will get one of these calls, if you do, you should definitely pay attention. Again, the SSA would never suspend a Social Security number, nor would it threaten to arrest you. It’s also good practice to never give you SSN to anyone who asks for it over the phone. Instead, hang up and go on with your day.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

How to Protect You Frequent Flier Miles NOW

Social Security numbers and credit card numbers are not the only types of data that hackers are after. Now, they are looking at frequent flyer accounts, and they are stealing reward miles, and then selling them online.

How do Hackers Steal Frequent Flyer Miles?

As with other types of ID theft, hackers use info that they have illegally obtained to access frequent flyer accounts. With more data breaches happening than ever before, hundreds of millions of records are exposed, and thus, hackers have great access to the personal info they need to get into these accounts.

What do Hackers Do with Frequent Flyer Miles?

It is hard for hackers to use these miles on their own because often, the travel has to be booked in the name of the owner. However, it is very easy to transfer these miles to other accounts or to use the miles to purchase other rewards. Usually, no ID is needed for a transfer like this. This is also difficult to track because hackers use the dark web and VPNs to remain anonymous.

Hackers also sell these miles, and they catch a pretty penny. For airlines like British Airways, Virgin Atlantic, and Delta, they can get hundreds, or even thousands of dollars for their work.

In addition to transferring these miles from one account to another, hackers are also selling the account’s login information. Once someone buys this, they can now get into the owner’s account and do what they want with the miles.

Protecting Your Frequent Flyer Miles

There are some things that you can do to protect your frequent flyer miles. You should check your frequent flyer accounts regularly using your airlines mobile app. Change all your airline passwords and never re-use passwords and set up a different password for each account.

Other things that you can do include the following:

  • Protect your personal information by making sure every online account has a unique and difficult to guess password.
  • Use a dark web scan. This will show you if any personal information is out on the dark web.
  • If you do find that your miles have been stolen, it also is probable that your personal information has been compromised, too. Monitor your credit report and check it often for anything that looks odd. This is a big sign of an issue.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Beware of the Social Security Administration Employee Scam

There is a new Social Security scam in the news, and you should definitely know about it. The Acting Inspector General of Social Security, released a statement that warns people of this new scheme. Basically, scammers are impersonating Social Security Administration employees.

The scam started out fairly small and localized, but now, people from across the country are reporting that they are getting calls from people stating that they are from the Social Security Administration. The caller attempts to get personal information from the person they call including address and banking information.

Here’s How the Scam Works

Almost all of these calls are coming from a 323 area code, but don’t think for a second they won’t change this up. The caller says that they are an SSA employee, and sometimes tells the victim that they are getting a cost of living adjustment, so their benefits will be higher. Many callers believe this, of course, so when the scammer asks them to verify things such as their name, their birthday, their Social Security number, and even the name of their parents, they gladly do it to get an increase in their benefits. Once the scammer gets the information, they then contact the SSA and change the victim’s account information so that the benefits now go into a different account. Then, they can collect the cash.

Currently, the Social Security administration does contact people by phone in certain cases. However, the person usually knows that they should be expecting a call. It is also possible that an SSA employee might ask a person to verify information. So, none of this really seems unusual to anyone who has dealt with the SSA.

What to Do if You Get a Call

Hang up. Plain and simple. If you get a call from the Social Security Administration, you should report it immediately to 1-800-269-0271. You can also report it online.

It is also very important to be cautious, and you should avoid giving any information, such as your bank account number or Social Security number, to anyone who calls you. To check if it is a legitimate call from the SSA, tell the person calling that you are worried about scams, and ask if you can call them back. A legitimate SSA employee should be perfectly fine with this. Then, look up the number yourself. Don’t call a number that they give, no matter what. Finally, you can also contact the Social Security Administration at 1-800-772-1213 if you have any question about any text, letter, email, or call that you get.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

A “Credit Profile Number” is a fake SSN, and it Works

Cyber criminals are constantly trying to stay one step ahead of the good guys, and there is now another scam out there that you should know about: synthetic identity theft. Basically, the criminals take information from someone, and then make up the rest. They also often use fake Social Security numbers, called CPNs, or “credit profile numbers,” or names.

This type of identity theft shows us that our credit system is more vulnerable than we might think. Basically, it is easy to create a credit file on these identities, and once they have that, they can get a credit card or loan.

Of course, using a CPN like this on an application for credit card or loan is illegal, but lenders currently don’t have a conclusive way of distinguishing a real Social Security number from one of these fake ones. The Social Security Administration generates SSNs randomly. This makes it difficult for a lender to notice a fake one. Technically, a lender can contact the SSA and cross-check, but most of them don’t. Why? Because the SSA requires a handwritten signature from the person who has that SSN, and this is a pain in the neck for lenders.

So, of course, the best thing to do is to create a way for lenders to instantly check to see if a Social Security number is valid or not, and as of now, they do not have the capacity to do this. Lenders do, however, use their own fraud-detection tools, but these requests for credit still fall through the cracks.

This practice also has created more open windows for fraudsters, because they know that the system is vulnerable. It’s true that many lenders won’t accept a credit application from someone with no history of borrowing, which is the case with a CPN, but some still do, and the more activity the file sees, the more likely it is that credit will be given. Once credit is approved, a full credit report is created. Though it likely won’t be a high amount of credit, many lenders take a chance on new borrowers, and at a minimum, extend a couple of hundred dollars. Some people will even get a card that has, say a $300 limit, and use the card for a time. Once they establish a good payment history, they can get a credit increase, and that’s where the fun really begins.

This is just one more scam that you should be aware of, and one more reason to keep your private and personal information safe.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.