• 888-966-4827
Menu

Category Archives:
Cybercrime

Home / Blog / Cybercrime
Scammers are Impersonating FTC Inspector General Katsaros

Scammers are Impersonating FTC Inspector General Katsaros

The Federal Trade Commission (FTC) has released that scammers are using the names of their employees, including the Inspector General Andrew Katsaros to trick people into sending money or giving up their personal identifying information (PII).

What you need to know:

The FTC won’t threaten you or demand a payment. If you receive a phone call or mail with the name of the FTC Commissioner or staff member that threatens some dire consequence if you don’t pay immediately, it’s a scam. Don’t pay.

The FTC doesn’t give out prizes. If someone contacts you claiming that you need to pay to get your prize, it’s a scam. Don’t pay.

FTC employees won’t identify themselves with a badge number. If someone claiming to work for the FTC gives you a badge number, it’s a scam. Don’t fall for it and keep your PII safe!

Guard Well Identity Theft Solutions exists to provide you, your family, and your employees from the damages of identity theft. If you have any questions or concerns, please contact our Member Services team immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

Source: Federal Trade Commission

Photo Credit: Courtesy of Bermix Detail via unsplash.com

Major Eyewear Company: Over 70 Million Hacked

Major Eyewear Company: Over 70 Million Hacked

Our security teams have recently discovered large data sets of compromised cyber elements on the Dark Web. On May 19th, the world’s largest eyewear company, Luxottica, confirmed reports of a 2021 data breach from a vendor’s computer network that leaked private information.

Luxottica, based in Milan, Italy, designs and manufactures sunglass and prescription frames. Brands include Burberry, Chanel, Dolce and Gabbana, Georgio Armani, Michael Kors, Oakley and Ray-Ban. The company also owns several retailers selling products such as LensCrafters and Sunglass Hut.

The hacking origin date is November, 2022 with retail customer data exposed being name, email address, physical address and phone number.

The company’s public acknowledgement stated that they discovered through their “proactive monitoring procedures that certain retail customer data, allegedly obtained through a third-party vendor related to Luxottica retail customers, was published in an online post.” The company reported the incident to the FBI and the Italian Police. The owner of the website where the data was exposed has since been arrested by the FBI. The website that leaked the information has also been shut down and the investigation is still ongoing. Learn More

Guard Well Identity Theft Solutions exists to provide you, your family, and your employees from the damages of identity theft. If you have any questions or concerns, please contact our Member Services team immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

Image courtesy credit: uriel-sc-11KDtiUWRq4-unsplash.jpg unsplash.com

Breach Alert Impacts 1.2 Million: RentoMojo.com

Breach Alert Impacts 1.2 Million: RentoMojo.com

Our security teams have recently discovered that online furniture and electronics rental startup RentoMojo has confirmed a data breach. The hacking origin date is April 23, 2023 and impacts 1.2 million. Personal identifying information data exposed include email addresses, user id, phone number, nationality and passport numbers.

The company reported that the attackers were able to gain access by exploiting cloud misconfiguration. Malicious attackers are continuously hunting for misconfigured cloud assets. They are vulnerabilities waiting to happen.

Guard Well Identity Theft Solutions exists to provide you, your family, and your employees from the damages of identity theft. If you have any questions or concerns, please contact our Member Services team immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

Image courtesy credit: Erfan Parhizi via unsplash.com.

NortonLifeLock Password Manager Tool Hacked

NortonLifeLock Password Manager Tool Hacked

NortonLifeLock has notified their customers that hackers have breached their Password Manager accounts. This latest breach dates back to December 2022 when thousands of customers were told that their accounts were compromised. Just recently, the parent company of NortonLifeLock, Gen Digital (formerly Symantec Corporation), reported that “the likely culprit was a credential stuffing attack.” This type of attack involves credentials that had previously been exposed or breached being used to break into accounts on different websites that share the same password.

By far, password protection is critical for online safety. Enabling multi-factor authentication (MFA) and having exceptional password hygiene habits are great practices to follow. For example, every account that requires a password should have their own unique, complex and random password. Try to avoid using combinations that utilize information that could be connected to your social media accounts, such as a loved one’s birthday or a pet’s name. Hackers are well-known to comb their intended victims’ social media accounts.

Guard Well Identity Theft Solutions exists to protect you, your family, and your employees from the damages of identity theft. If you have any questions or concerns, please contact our Member Services team immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

Photo courtesy of https://unsplash.com/@flyd2069.

Triple Date Breach Climbs to 25 Million: TruthFinder, Instant Checkmate and Gemini

Triple Date Breach Climbs to 25 Million: TruthFinder, Instant Checkmate and Gemini

Our security teams have recently discovered that over 25 million people have been impacted by data breaches involving TruthFinder, Instant Checkmate and Gemini.

Both TruthFinder and Instant Checkmate are subscription-based websites owned by PeopleConnect that allow users to do background checks on people by utilizing public records. The breaches for both companies occurred on April 12, 2019. While TruthFinder’s breach involves eight million account holders, Instant Checkmate’s is even larger impacting 12 million. Stolen account holder information includes users’ email addresses, phone numbers and passwords for both sites. Parent company PeopleConnect has confirmed that all customer accounts created between 2011 and 2019 have been impacted and that the published list originated inside their company. Learn More

Gemini (Gemini Trust Company, LLC) is a cryptocurrency exchange and custodian that allows customers to buy, sell and store digital assets. The American-owned company operates in the United States, Canada, the United Kingdom, South Korea, Hong Kong and Singapore. The breach size of 5.4 million originated December 13, 2022 as a result of a third-party incident. The company has declared that some customers have been the target of phishing campaigns from that third-party vendor exposing millions of email addresses and partial phone numbers. Learn More

Guard Well Identity Theft Solutions exists to protect you, your family, and your employees from the damages of identity theft. If you have any questions or concerns, please contact our Member Services team immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

Photo by https://unsplash.com Erfan Parhizi

 

The Top Scams of 2022

The Federal Trade Commission (FTC) is a United States federal agency that works to prevent deceptive, fraudulent and unfair business practices. Their first objective is to identify fraud that cause the greatest consumer injury. Their second objective is to stop the fraud, deception and unfair practices through law enforcement. Finally, their third objective is to prevent consumer injury from happening in the first place through education.

Every year the FTC reports the top scam highlights of the previous year. This is how 2022 stacked up:

– Investment scams had the largest losses at $3.8 billion. Investment scams promise that you will make a lot of money quickly, easily and with low risk. The FTC reported that these scams involve the investment in financial or real estate markets. Learn how to research investment opportunities HERE.

– Impersonator scams were, once again, the most reported scam. Losses from these scams total $2.6 billion for 2022. The FTC reported that the major difference in this type of scam from the previous year is that there were higher losses to business imposters to the tune of $660 million in comparison to last year’s $453 million. Scams in this category include social security, IRS, romance, caregiver, family emergency, tech support and grandchild scams. Learn how to identify a scam happening to you or a loved one by viewing the short videos HERE.

How were scams identified and processed? Some losses were through bank transfers. Others started on social media and phone calls. Young adults in their 20s reported losses more often than seniors in their 70s. Unfortunately, the seniors lost more money than any other age group.

The FTC has a PDF available for download with a visual snapshot of the top frauds of 2022. Click HERE to learn about the rest of 2022’s top scams and view the PDF.

Guard Well Identity Theft Solutions exists to protect you, your family and your employees from the damages of identity theft. If you have any questions or concerns, please contact our Member Services team immediately. We are always available for you 24/7/365 at 888.966.4827.

Online Music Streaming Service Breach Impacts Billions

Online Music Streaming Service Breach Impacts Billions

Our security teams have recently discovered that a former deezer.com partner experienced a data breach in 2019 that has impacted 257 billion users. Deezer is a France-based music streaming platform. Leaked information includes users’ dates of birth, email addresses, genders, geographic locations, IP addresses, names, spoken languages and/or surnames. The hacking dates back to mid-2019 when a Deezer third-party fell victim to a breach exposing user data, which was then sold on a popular hacking forum.

The hacker claimed that the data breach affects users in the United States, the United Kingdom, Brazil, Columbia, France, Germany, Guatemala, Italy, Mexico and Turkey.

Other music streaming platforms, such as Spotify, have suffered data leaks in recent years. In December 2020, Spotify confirmed that an incident may have affected over 300,000 users’ email addresses, display names, passwords, genders and dates of birth.

Guard Well Identity Theft Solutions exists to protect you, your family, and your employees from the damages of identity theft. If you have any questions or concerns, please contact our Member Services team immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

Photo by Uriel SC via Unsplash.com.

Update for 200 Million Breach

Update for 200 Million Breach

Our security teams have discovered that hackers stole the email addresses of more than 200 million Twitter users  and posted them on an online hacking forum. The Twitter breach origin date was July 2022. Data exposed includes name, phone number, email address and account holder user IDs.

We first reported the breach on December 6, 2022. It is highly recommended to add two-factor authentication. Please contact us if you need assistance.

There were no clues to the identity or the location of the hacker or hackers behind the breach. “It may have taken place as early as 2021, which was before Elon Musk took ownership of the company last year, explained Satter (Reuters News).” Learn more HERE.

If you have any questions or concerns please contact our Member Services immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

Photo courtesy of Bermix Studios via unspash.com.

FBI’s Vetted Threat Sharing Network Hacked

FBI’s Vetted Threat Sharing Network Hacked

Just recently, our security teams have discovered large data sets of compromised cyber elements on the Dark Web. The breached site is InfraGard.org, which is a partnership between the Federal Bureau of Investigations (FBI) and key members of the private sector for the protection of the United States critical infrastructure.

InfraGard members are in roles involved in both cyber and physical security at companies that manage most of the nation’s critical infrastructures, including drinking water, power utilities, communication and financial services firms, transportation and manufacturing companies, healthcare providers and nuclear energy firms.

The breach origin date is December 2022 and data exposed includes their members’ contact information, such as name, email and phone numbers. The FBI stated that “this is an ongoing situation” and that they are “not able to provide any additional information at this time.” Approximately 80,000 InfraGard members are impacted. Learn more HERE.

Guard Well Identity Theft Solutions exists to protect you, your family, and your employees from the damages of identity theft. It has been a pleasure protecting America’s workforce for the last decade. We look forward to many years and much more growth to come.

Be vigilant. Be strong. Stay in the know. If you have any questions or concerns, please contact our Member Services immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

Photo courtesy of Markus Spiske on Unsplash.com.

Hurricane Ian Scams: Protecting Yourself from Charity and Disaster Fraud

Hurricane Ian Scams: Protecting Yourself from Charity and Disaster Fraud

On September 28th, Ian, the fifth strongest hurricane on record in the United States, slammed into Florida as a category four. Devastation, flooding, loss of life and significant property damage along the rest of Ian’s path occurred in multiple states over the next few days. Following natural disasters like Ian, charity and disaster schemes from scammers quickly come to surface to those who were directly impacted and others that want to help.

The Federal Bureau of Investigations (FBI) has sent out reminders and tips on how to avoid falling victim to charity and disaster fraud.

– All government officials are required to carry official identification and show it if requested. If you are hesitant to believe them, contact the FBI directly to confirm their identity.

– All Federal Emergency Management Agency (FEMA) and assistant agencies will not ask for money to apply for assistance and they will not ask you for any financial information. If someone comes door-to-door, calls, texts or emails you, do not immediately give out your personal identifying information (PII), such as your social security number or bank account information, without first confirming their identity as legitimate and not a scammer.

– If you would like to donate to the many charities that are assisting survivors, understand that there are some fake charities out there. Unless you are giving to a charitable agency that you know and trust, go online and research the reviews and ratings as established by the Better Business Bureau (BBB). If you do donate, use a credit card. Gift cards and wire transfers are highly discouraged. Also remember that no legitimate agency is going to pressure you to donate.

We would like to remind you to not click on links from sources you do not know. The FBI suggests to manually type out the links instead of clicking them to prevent attempts to download viruses on your cell or laptop/computer.

As always, if you have any questions or concerns or suspect that you or a family member has been a victim of fraud, please contact Member Services immediately. We are open and always available for you 24/7/365 at 888.966.GUARD (4827).

 

Photo credit: NASA under license via unsplash.com.