Keeping Your Holidays Happy and Fraud-free

Keeping Your Holidays Happy and Fraud-free

Yes, it’s that wonderful time of year. The holidays are quickly approaching … and at lightning speed! Will you be traveling to see family in the next few weeks? Or, maybe you’ll be skipping off to a great vacation instead of decking the halls? Whatever your plans are, having time off of work, fun with friends and family, and hopefully a few days of laziness … are wonderful to look forward to. But, when we are caught up in the excitement about buying those last-minute gifts (or sunscreen and new flip-flops), we need to remember that there are some other ‘things to do’ on our checklist to help keep our family and identities safe during this special time of year.

 

In addition to stopping the mail, finding that special neighbor with a green thumb to water your plants, and arranging for pet care for your fur babies, there are some ‘before your trip’ actions you can take to help prevent identity theft from becoming a huge holiday memory. Just some small preventative measures, such as updating the operating system and antivirus software on your mobile devices, can go a long way toward fending off a few identity thieves. Below are some tips for what you can do before you leave home, as well as while you’re away and after your return.

 

Before you leave home:

– Password protect your devices and update operating systems

– Alert your bank(s) about your travel plans

– Visit your post office and put your mail on a vacation hold

– Keep the number of credit cards you travel with to a minimum and have copies of your driver’s license, medical id cards, passports and travel confirmation numbers at home in a safe place

– Turn off auto-connect Wifi and Bluetooth connections

– Consider adjusting your social media account settings so posts aren’t tagged with GPS data

 

While out of town:

– Avoid using public Wifi and even your hotel’s Wifi if at all possible

– Do not use public computers

– Keep your travel documents in the hotel room safe

– Log out of websites on your smart phone and any websites if you bring a laptop or other device with you on your trip

 

Upon your return home:

– Consider changing passwords for your major accounts

– Thoroughly go through your account statements for any irregularities

– Check your credit report to make sure no new accounts were opened in your name while you were away

 

We hope you have a wonderful holiday vacation. If you suspect identity theft or fraud, please contact us immediately at 888.966.GUARD (4827) or email [email protected]. Day or night, we’ve got your back and will always be open for you.

Hurricane Ian Scams: Protecting Yourself from Charity and Disaster Fraud

Hurricane Ian Scams: Protecting Yourself from Charity and Disaster Fraud

On September 28th, Ian, the fifth strongest hurricane on record in the United States, slammed into Florida as a category four. Devastation, flooding, loss of life and significant property damage along the rest of Ian’s path occurred in multiple states over the next few days. Following natural disasters like Ian, charity and disaster schemes from scammers quickly come to surface to those who were directly impacted and others that want to help.

The Federal Bureau of Investigations (FBI) has sent out reminders and tips on how to avoid falling victim to charity and disaster fraud.

– All government officials are required to carry official identification and show it if requested. If you are hesitant to believe them, contact the FBI directly to confirm their identity.

– All Federal Emergency Management Agency (FEMA) and assistant agencies will not ask for money to apply for assistance and they will not ask you for any financial information. If someone comes door-to-door, calls, texts or emails you, do not immediately give out your personal identifying information (PII), such as your social security number or bank account information, without first confirming their identity as legitimate and not a scammer.

– If you would like to donate to the many charities that are assisting survivors, understand that there are some fake charities out there. Unless you are giving to a charitable agency that you know and trust, go online and research the reviews and ratings as established by the Better Business Bureau (BBB). If you do donate, use a credit card. Gift cards and wire transfers are highly discouraged. Also remember that no legitimate agency is going to pressure you to donate.

We would like to remind you to not click on links from sources you do not know. The FBI suggests to manually type out the links instead of clicking them to prevent attempts to download viruses on your cell or laptop/computer.

As always, if you have any questions or concerns or suspect that you or a family member has been a victim of fraud, please contact Member Services immediately. We are open and always available for you 24/7/365 at 888.966.GUARD (4827).

 

Photo credit: NASA under license via unsplash.com.

Student Loan Scams Are On The Rise

Student Loan Scams Are On The Rise

On August 24th, the Biden-Harris Administration announced the one-time federal student loan debt relief plan. While the forgiveness plan is designed to help many low and middle-income families, we are now seeing an increase in scams that have the potential to hurt them badly.

The Federal Trade Commission (FTC) suggests some ways to avoid being a victim of a student loan scam:

Never pay an up-front fee. Companies that charge you before they help you are breaking the law. Don’t fall for the ads that promise to help you with student loan debt. If you have federal loans, go to the Department of Education at StudentAid.gov.

Don’t sign up for quick loan forgiveness. Even though they might say they can wipe out your loans by disputing them, they can not.

Don’t trust a Department of Education seal. Even though it might look like an official seal and logo, it likely isn’t.

Don’t rush. Scammers will ask you to act fast so you don’t “miss” qualifying for repayment plans, loan consolidation or forgiveness programs.

Don’t provide your FSA ID to anyone. This is your private information and can be used to steal your identity.

The FTC also stressed that there is nothing a company can do for you that cannot do yourself for free. Again, if you have federal loans, start with StudentAid.gov/repay. If your loans are private, contact your lender directly.

To learn more about the debt relief plan from the U.S. Department of Education, click HERE.

If you have any questions or concerns, please contact Member Services immediately. We are always available for you 24/7/365 at 888.966.GUARD (4827).

 

Photo courtesy credit: Muhammad Rizwan via unsplash.com.

How to Avoid Disaster-Related Scams

How to Avoid Disaster-Related Scams

Dealing with the aftermath of a disaster is always difficult. Unfortunately, scammers will jump at the chance to take advantage of those who are trying to assess and recover from the tremendous damage that weather-related events, such as hurricanes, floods, wildfires, tornados, along with pandemic-related COVID-19 can cause.

 

The Federal Trade Commission (FTC) suggests a few ways to help avoid common post-disaster scams:

 

Be skeptical of anyone promising immediate clean-up and debris removal. Some fake vendors will quote sky-high prices and demand payment up-front.

 

Do a background check on them. Before you pay anything, ask for identification, licenses along with proof of insurance in writing.

 

Never pay in cryptocurrency, wire transfer, cash or via a gift card. Only make the final payment until the work is completed satisfactorily.

 

Always guard your personal identifying information (PII). “Only scammers will say they’re a government official and then demand money or your credit card, bank account or social security number.”

 

Understand that the Federal Emergency Management Agency (FEMA) will never ask for an application fee. FEMA has provided over $1 billion to more than 165,000 people to assist with COVID-19-related funeral costs for deaths occurring on or after January. “If someone wants money to help you qualify for FEMA funds, that’s probably a scam.”

 

Spot and report disaster-related charity scams. If you are fortunate enough to be able to help others, visit this link for advice on how to donate wisely and avoid charity scams.

 

For more information and other tips, visit https://www.consumer.ftc.gov/features/dealing-weather-emergencies

 

Be vigilant. Be strong. Stay in the know. If you have any questions or concerns, please contact our Member Services immediately. We are always available for you 24/7/365 at 888.966.GUARD (4827).

 

Photo courtesy credit to Kelly Sikkema via unsplash.com.

Guard Well Appoints New Chief Technology Officer and VP of Operations

Guard Well Appoints New Chief Technology Officer and VP of Operations

Bradley Amster

CINCINNATI, OH – September 1, 2022 Guard Well Identity Theft Solutions today announced the appointment of Bradley Amster, Owner of Data Design Systems, as Chief Technology Officer and Vice President of Operations.

Amster holds a Bachelor of Business Administration in Marketing/Management from the University of Cincinnati. Since 2011, Amster has provided web design and in-depth IT knowledge and solutions for the Cincinnati-based company. Guard Well’s Founder and President remarked, “We are pleased to appoint Brad as a new director. He’s been a large part of our eleven year growth and we are very happy to bring him in house. We are confident that he will continue to provide valuable perspectives as we grow into larger markets and develop new technologies.”

For over a decade, Guard Well has provided award-winning identity theft protection support and complete resolution services after having built a strong partnership with industry powerhouse Experian. Distributed largely through the employee voluntary benefit space, Guard Well’s mission is to provide affordable, yet effective, multi-layered protection for every American household with 24/7/365 protection. Guard Well’s core belief is full resolution for the Member and their household including unlimited access to best-in-class fraud resolution specialists.

Guarding Against Business Identity Theft

Guarding Against Business Identity Theft

Individuals aren’t the only targets for identity theft. Corporate, also known as commercial identity theft, saw a 46% increase last year according to the National Cybersecurity Society (NCSS). Although businesses of all sizes are at risk, small businesses are particularly vulnerable. “Small business identity theft—stealing a business’ identity to commit fraud—is big business for identity thieves,” remarks Mary Ellen Seale, CEO of NCSS.

 

She explains, “Unlike larger corporations, small businesses don’t always have the required security controls in place to detect and deter fraudulent activity, which can make them easier targets. There is also a general unawareness, among large and small businesses alike, of the magnitude of the threat and the devastating effects that business identity theft can have.”

 

Stealing an organization’s identity takes a lot less work than one might think. State laws require the public disclosure of proprietary business information in annual reports, names and addresses of key company personnel as well as the employee identification number (EIN). All of this information can be used by thieves to apply for a line of credit or loan as well as intercept business credit card information.

 

What can business owners do to help mitigate their risk?

 

– Educate your employees about phishing scams. Phishers aren’t just targeting your business … they are grabbing your customers, employees, partners and vendors. Make sure your employees know what red flags to look for when they receive an email that is asking for an action from them. Examples include bad grammar, misspelled words, links to unfamiliar websites and attachments.

 

– Don’t post sensitive company information on your website.

 

– Stay on top of computer security updates.

 

– Check your credit reports regularly.

 

– Follow the IRS new procedures to protect businesses. Visit https://www.irs.gov/individuals/identity-theft-guide-for-business-partnerships-and-estate-and-trusts for detailed information.

 

– File your company’s annual report on time and regularly check the secretary of state’s website. Keep in mind that if you operate your business in more than one state, each state may have their own due date.

 

Unfortunately, identity theft is here to stay. With the number of incidents growing each year, and financial losses piling up, it’s more important than ever for businesses to be vigilant. Do you have an anti-phishing plan for your business? Please contact us if you need assistance developing one or educating your employees about the topic.

 

Be vigilant. Be strong. Stay in the know. If you have any questions or concerns, please contact our Member Services immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

 

Photo by Artem Beliaikin on Unsplash

8.4B Passwords & 25M Records Stolen

8.4B Passwords & 25M Records Stolen

Just recently our security team found two new breaches involving 25,000,000 stolen records and that 8.4 billion passwords have been stolen and sold on the dark web. We see these breaches all the time. The reality is that out of the 8.5 billion IP addresses worldwide, 3.5 billion of them are malware. That’s correct! Almost half of the worldwide web is created to commit fraud. That’s why we have proudly built a strong partnership with industry powerhouse Experian who jointly provides our member’s identity protection, support, and complete resolution service.

 

Guard Well Identity Theft Solutions exists to protect you, your family, and your employees from the damages of identity theft. It has been a pleasure protecting America’s workforce for the last decade. We look forward to many years and much more growth to come!

 

Be vigilant. Be Strong. Stay in the know. If you have any questions or concerns, please contact our Member Services immediately. We are always available for you 24/7/365 at 888.966.4827 (GUARD).

 

Photo courtesy of unsplash.com Bermix Studios

Data Breach Alert: T-Mobile 100 Million Impacted

Data Breach Alert: T-Mobile 100 Million Impacted

The Associated Press reported yesterday that communications giant T-Mobile confirmed there was unauthorized access to ‘some T-Mobile data’ but that the company is still determining the scope of the breach and who was affected. T-Mobile is actively investigating the leak after someone took to an online underground forum offering to sell personal information from more than 100 million cellphone users.

 

According to Vice’s Motherboard report, the data came from T-Mobile servers and “includes social security numbers, phone numbers, names, physical addresses, unique IMEI (International Mobile Equipment Identity) numbers, and driver license information.” Motherboard also reported that they had seen samples of the data, and confirmed they contained accurate information on T-Mobile customers.

 

The seller on the underground forum was asking for 6 bitcoin, which is about $270,000, for a subset of the data containing 30 million social security numbers and driver licenses. The hacker said that they are privately selling the rest of the data at the moment. For more in-depth details about the hack, you can read the KrebsonSecurity article HERE.

 

A statement on the T-Mobile website reads “We are confident that the entry point used to gain access has been closed, and we are continuing our deep technical review of the situation across our systems to identify the nature of any data that was illegally accessed. This investigation will take some time but we are working with the highest degree of urgency.” The statement also included that the company takes the protection of their customers very seriously and that T-Mobile is “conducting an extensive analysis alongside with forensic experts to understand the validity of these claims, and are coordinating with law enforcement.”

 

If you or a family member has been a T-Mobile customer and suspect your data has been compromised, please contact us as soon as possible. We are always available for you 24/7/365 at 888.966.GUARD (4827). Our Member Services can also be emailed at [email protected].

 

Photo credit: John Tuesday on unsplash.com

University of California and StreetEasy: Dark Web Fraud Alert

University of California and StreetEasy: Dark Web Fraud Alert

Our teams have discovered extremely large sets of compromised data on the Dark Web. The latest two websites involved are University of California and StreetEasy.com.

 

The University of California (UC) is the world’s leading public research university system. Like several hundred other institutions throughout the country, including universities, government institutions and private companies, UC has been using a vendor service called Accellion File Transfer Appliance (FTA) to transfer information. Accellion was the target of an international cyberattack where the perpetrators exploited a vulnerability in Accellion’s program and attacked roughly 100 organizations. The attackers are now attempting to get money from organizations and individuals.

 

The breach origination date was March 31, 2021. Information stolen includes names, addresses, SSNs, as well as some email addresses and medical IDs.

 

StreetEasy.com is New York City’s leading local real estate marketplace on mobile and the Web, providing comprehensive listings and market data. The approximate breach size is 990,290 and originated in June of 2016. Data exposed includes passwords, first and last names, email addresses, and user IDs.

 

Be vigilant. Be strong. Stay in the know. If you have visited these websites in the past or have done business with them, please contact our Member Services immediately. We are always available for you 24/7/365 at 888.966.GUARD (4827).

 

Photo credit by Erfan Parhizi via unsplash.com.

How to Spot a Hacker Going After Your Business

How to Spot a Hacker Going After Your Business

When you think of a “bad guy,” what comes to mind? Someone sitting alone hunched over a keyboard in a dark hoody in a dark basement with fast typing fingers and maybe sporting a three-day-old beard? And what do you picture this anti-social “bad guy” doing? Are they only going after huge corporations and corrupt politicians? Nope! But that is what pop society has been assuming cybercrime is and that the everyday individual or smaller organizations aren’t being targeted.

 

The reality is that many of the faces of modern cybercrime don’t look like what we have read in fictional books and seen on tv and in the movies. These cybercriminals are much harder to spot because “they look a lot like legitimate businesses than you might expect,” Hubspot reported. “The work they might do day-to-day to steal personal information and disrupt businesses is pretty boring.”

 

So why do they hack? Money! Cybercrime has cost the world just under a trillion dollars in 2020.

 

The fact is that your Personal Identifying Information (PPI) is just like a currency. When stolen and aggregated, PPI can be sold for a hefty profit and “it’s a lot easier to try to get into your business’s data than to try to gather their own to sell.” Many websites sell aggregated collections of email addresses and passwords that have been gathered from past data breaches. From there, all it takes is a bit of unsophisticated scripting to use these emails and passwords to try to log into different websites across the internet.

 

“These folks aren’t looking to hit the biggest, most valuable businesses. It’s a case of quantity over quality.” These villains take a few thousand emails and passwords and see how many of them work out against high value services (such as email providers or CRMs) to see what data can be pulled out of those accounts to sell or how they can use those accounts for phishing emails or ransomware.

 

Look at the statement released by Darkside, the group whose ransomware attack brought down the Colonial Oil Pipeline and caused gas prices to spike in May this year. They released: “We are apolitical, we do not participate in geopolitics, do not need to tie use with a defined government and look for other motives. Our goal is to make money and not creating problems for society.” They want cash flow not world domination.

 

Hubspot reported in a blog last month written by Ryan DiPetta, “A lot of hackers look and behave like legitimate businesses, even if they do illegitimate things. Maybe they work a regular nine to five schedule. Maybe they take vacations with their kids. They’re trying to build a business just like you, too … but their business is built on theft and exploitation of your business and the data and trust of your customers.”

 

Are you and your employees protected? For more information on how to protect your company’s bottom line and employees by providing this must-have voluntary benefit, please click HERE.

 

Our team at Guard Well Identity Theft Solutions is available 24/7/365. Contact us at 888.966.GUARD (4827) or email [email protected] if you suspect fraud or have any concerns. We are here to help!

 

Photo credit: Markus Spiske via Unsplash.com