COVID-19 Unemployment Identity Theft Cases on the Rise

COVID-19 Unemployment Identity Theft Cases on the Rise

The COVID-19 pandemic has changed the entire employment image in America. Have you or a loved one needed to reach out to your state unemployment office due to being out of work (or experiencing a massive reduction in work hours)? As if that process wasn’t difficult enough! Unfortunately, many have experienced the shock and dismay when their unemployment claim is turned down for benefits due to a duplicate application. It is happening … and way too often. Hackers live for mankind’s vulnerability, especially during trying times like this.

 

We understand that it’s hard to know what you need to know especially during immense stress. The following are the five most common unemployment scams that we would like for you to be aware of:

 

Phishing email scams. Be wary of a sender you don’t know even if there are familiar logos visible in the email. Just because the email says it’s coming from your former employer’s CEO, doesn’t mean that it is legit. Verify the sender via phone before you trust the information that they are providing. If no one is available to verify it via a call … it’s a scam.

 

Debit and direct deposit card scams. Hackers know that states may use debit cards or payments via direct deposit to deliver benefits to you. If you are asked to provide personal identifying information (PII), such as date of birth, social security number, and/or bank account information before you actually apply for a card … it’s a scam. We have seen unemployment debit card scams that end up charging the victim for inactivity.

 

Fake phone call scams. The Department of Labor suggests to only use official government websites and phone numbers to file a claim for unemployment benefits. If someone calls you before you reach out for help … it’s a scam.

 

Jobseeker scams. If anyone is interested in hiring you immediately because you are the “perfect” candidate for a position you haven’t sought out … it’s a scam.

 

Fake job board website scams. If a website asks you to pre-register and give them your bank account information for your first paycheck … it’s a scam.

 

Here are some tips to help avoid unemployment benefit scams:

 

– Do not respond to unsolicited emails and texts. A state will not try to reach you and certainly won’t via text message.

 

– Do not click any type of website link even if it looks like it’s from one of your financial institutions. Scammers are really sneaky. Read our blog Do Not Click! for more information.

 

– Monitor your accounts closely. If an identity thief has enough information to apply (and receive) your benefits, it’s a pretty solid bet that they have information on your other accounts. Update your passwords, which is a step to take even not during a pandemic.

 

– Help keep your PII safe by making sure you’re dealing with a legitimate government representative.

 

 

Interested in learning how to file unemployment benefits in your state? Check this map, select the state where you worked, and you will be directed to the appropriate contact information. Be smart. Be vigilant. Be strong. Please don’t hesitate to reach out if you need help. We are available 24/7/365 for you and your family members at 1.888.966.GUARD (4827) and memberservices@guardwellid.com.

 

The Quick Rise of Phishing Scams – Do Not Click!

The Quick Rise of Phishing Scams – Do Not Click!

Many of us have been experiencing much more free time on our hands, which is great if you enjoy the sport of fishing, have a pile of books to read or Netflix shows to catch up on. Unless you are on the front line, life, as we know it during this pandemic, has forced the majority of us to slow down.

 

Our ‘new normal’ environment is a breeding ground for scammers to take advantage of you and your identity. Last month we wrote several blogs that specifically discussed the various types of coronavirus scams we had been witnessing. Check out Coronavirus Scams Are on the Rise, And More Coronavirus Scams, and Working From Home Cybersecurity Tips if interested in a quick refresher course or two.

 

Over the last two weeks we have seen a 70% increase in email phishing scams during this pandemic, which has undoubtedly touched every facet of our lives. These phishing scams may come across as emails and/or posts promoting coronavirus awareness. These messages will often offer prevention tips on how to stay well, what the symptoms of the virus may include and what to do in case you or a family member feel ill. Some are even creating fake “cases” of COVID-19 in your neighborhood so you feel more inclined to help out. They also may be asking you to donate to victims, offering advice on unproven treatments, or contain malicious email attachments. Don’t fall for any of it … but, in case you do, we suggest that you read our blog from October 2019 Accidentally Clicked on a Phishing Link – Now What?.

 

Today our advice is very simple: If you are not 100% certain of the origin of the email and/or link that you are being asked to click on … DO NOT CLICK. If for some reason you accidentally do click, there are some imperative steps to take to alleviate harm to you and/or the network you may be connected with:

 

– Try not to panic. This happens to everyone. Antivirus and anti-malware will come into play and you will need to have a full system scan. But first …

 

– End the session immediately by turning off Wi-Fi, unplugging from an ethernet cable or completely shutting down all of your devices.

 

– Initiate a back up of your files. Since you won’t be connected to the internet at this point, you won’t be able to accomplish this to the cloud. Having an external drive, DVD or thumb drive are always nice to have on hand during times like these.

 

– Change your login/password to email account(s) and enable two-factor authentication if this hasn’t already occurred.

 

– If you are employed by a company or organization, reference your manual and let your network administrator know of the potential issue.

 

– After all is said and done, check your antivirus/anti-malware software and run a full scan.

 

Being informed of what steps you may need to take before a slip up happens can help ease the potential damage (and your stress level) if it does. Be smart. Be vigilant. Be strong. Please don’t hesitate to reach out if you need help. We are available 24/7/365 for you and your family members at 1.888.966.GUARD (4827) and memberservices@guardwellid.com.

Working from Home Cybersecurity Tips

Working from Home Cybersecurity Tips

Coronavirus has forced millions of Americans to work remotely from their homes. Although working from home helps with social (physical) distancing by preventing the spread of COVID-19, there are many new challenges that have come with teleworking. For example, many states have closed schools for weeks, and for some, the entire rest of the school year. Parents may be juggling work while their children are learning remotely. You may find yourself becoming an expert with practicing mindfulness along with new software and conferencing programs, such as Zoom and GoToMeetings (or if you aren’t, your children blessedly are).

 

As we are being forced to slow down the pace of everyday life, we recognize that a lot of good can come out of this time. But, on the other side of the coin, there is the growing opportunity for cybercriminals to trick us into forking over passwords during this learning transitional period. Reuters reported last week that “some researchers have found hackers masquerading as the U.S. Centers for Disease Control and Prevention in a bid to break into emails or swindle users out of bitcoin, while others have spotted hackers using a malicious virus-themed app to hijack Android phones.” Our blogs last week provided some details on these new scams.

 

The Federal Trade Commission (FTC) has some tips to help protect your devices and personal information while working from home:

Start with cybersecurity basics. Keep your security software up-to-date. Use passwords on all your devices and apps. Make sure the passwords are long, strong and unique. The FTC suggests using at least 12 characters that are a mix of numbers, symbols and capital and lowercase letters.

Secure your home network by starting with your router. Turn on encryption (WPA2 or WPA3), which scrambles information sent over your network so outsiders can’t read it. If no WPA2 or WPA3 options are available with your current router, considering replacing your router altogether.

Keep an eye on your laptop and make sure it is password-protected, locked when you aren’t using it and secure. We suggest that it is never unattended, such as out in plain sight in a vehicle. Even if your doors are locked, windows can easily be broken.

Securely store your physical files. Strong physical security is an important part of cybersecurity. If you don’t have a file cabinet at home that is lockable, consider using a locked room. Read this blog by the FTC to learn more tips about physical security.

Dispose of sensitive data securely. Invest in a shredder if you don’t already have one. Throwing paperwork you no longer need in the garbage or recycling bin can be a treasure for a pirate especially if it includes personal information about customers, vendors or employees.

Follow your employer’s security practices. Since your home is now an extension of your office, make sure that you understand the protocols that your employer has implemented.

 

Be smart. Be vigilant. Be strong. Please don’t hesitate to reach out if you need help. We are available 24/7/365 for you and your family members at 888,966.GUARD (4827) and memberservices@guardwellid.com.

.

Cybersecurity Trends in Store for 2020

Cybersecurity Trends in Store for 2020

Did you know that the first documented ransomware attack was more than 30 years ago in 1989? That was around the time when a mobile phone was called a bag phone because it sat in a big black bag in your passenger seat … and that curly cord was wound so tight it hardly let it extend to your ear. If you were lucky, you could store about 30 numbers in it. But back then, that was pretty amazing storage. Then flip phones started to make our lives easier in later years. It was pretty simple but the fact that it could actually fit in your pocket made it truly mobile. There was rarely a thought that anyone was listening in on your conversations or tracking your locations (which they probably were but the average person didn’t think doing so was devious). Boy, have times changed.

 

Attacks involving ransomware, which were originally designed to target individuals, are occurring every 14 seconds now. Shocking isn’t it. After you read this sentence, focus on how long it takes you to breathe … inhale and exhale. Your full circle breathing process is likely anywhere from six to eight seconds, which is how long hackers are trying to increase the speed of ransomware attacks by this time next year.

 

Dave Wallen discussed some of the expected 2020 cybersecurity trends in a blog last week for Security Boulevard so we all can be “better prepared against the ever-evolving nature of cyber threats.” He wrote, “With today’s pervasive use of the internet, a modern surge in cyberattacks and the benefit of hindsight, it’s easy to see how ignoring security decades ago was a massive flaw.” It’s not just the speed of the attacks that is alarming, it is the variety of them that are going to keep things interesting for 2020.

 

So what are some of the trends we will be seeing in 2020?

 

Fear will drive spending. Gartner forecasts that worldwide spending on cybersecurity is going to reach $133.7 billion in 2022. The General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) have pushed businesses and government agencies to a more sophisticated cybersecurity infrastructure than ever. Wallen noted that 76% of organizations plan to increase their cybersecurity budgets this year.

 

The cybersecurity labor market will continue to experience labor shortages. There are many reasons for this skills gap. Not only are there more cybercriminals, but there are also more places for scammers to hide with our ever-expanding reliance on technology. Also, there still needs to be a balance of expanding skills in a very specific area with teaching broad skills that can be useful across many sectors. Think of those with titles such as chief information officer (CIO) and chief information security officer (CISO) – they are currently undervalued.

 

Cloud security will require a more pragmatic approach. The assumption that our data is secure on ‘the cloud’ in applications such as Microsoft and Google will be a thing of the past. In 2019, we saw massive attacks against Office 365 and G Suite that can bypass two-factor authentification making shared accounts exceptionally vulnerable.

 

Mobile devices will become even a greater target. As the number of mobile users increases, so will the amount of business data stored in them. Wallen wrote, “It’s a compelling reason why mobiles are seen as the primary cyberattack vector in 2020.”

 

Election security will be off the charts. With over 70 elections globally planned in 2020, there will be an intense focus on the spreading of disinformation.

 

5G, the fifth-generation wireless technology, will cause an increase in loT-based (Internet of Things) attacks. There will need to be a higher level of security which many current vendors are not able to provide yet. Hackers will take advantage of this gap to “sneak in malware and steal large volumes of your SaaS data at breakneck speed.”

 

AI (Artificial Intelligence) will become even more two-faced. While the benefits of AI are countless and help to protect our security, defakes (fake videos) that can spread misinformation will become more prominent and new types of cyberattacks will result because of them.

 

Organizations will continue to see their biggest asset, their employees, become their biggest threat. As reported in Governing.com, “The problem is that now our most important information, whether it’s sales prospects or customer lists or source code … is spread across the organization and is highly portable on a thumb drive or e-mail … information is less ‘siloed.'” Their study shows that “63 percent of people admit that they took data from their last job and brought it to their current job.”

 

We will also continue to see more fake apps and shopping cart viruses, new account fraud, apps that share our data along with phishing scams (and whaling scams if you’re a high-ranking executive or banker). Identity theft will also be rampant through social media. Lastly, child identity theft will continue to rise. It is suggested that every child have a credit freeze on their file. If you would like more information about how to do so, please reach out to our Member Services team at memberservices@guardwellid.com or call 1.888.966.4827. We are here to help 24/7/365.

Founder and CEO on iHeartRadio 700WLW Podcast

Founder and CEO on iHeartRadio 700WLW Podcast

On December 5, 2019, Guard Well Identity Theft Solutions Founder and CEO, E. Allan Hilsinger, was interviewed by Rocky and Rachel on Cincinnati’s News Radio 700WLW. Topics discussed during the ten-minute segment (51:50 to 60:52) include the risk of living in a technologically advanced society, what a digital footprint is and how to reduce the risk of your data being collected and sold online.

 

Hilsinger remarked, “We all have a social security number. We are all at risk. If you haven’t already been victimized by identity theft or identity fraud, it’s going to happen. It’s a sad reality…” He stated that there are 3.5 million Google searches every minute and 4.3 billion Facebook posts every day “…all of that information is being collected and sold.”

 

What can be done to help reduce this risk? Hilsinger suggested the following in the podcast:

– Be careful about what information you put on social media. For example, remove your birthdate from your Facebook account.

– When you search online, do it privately. Don’t allow cookies if possible when looking at websites.

– Try not to share your location with Google Maps.

– Inactivate and delete any old email accounts.

– Search for your own name on Google and see what pops up. If your name is listed on People Search or People Finder, you can submit a request for them to pull your information down.

 

Hilsinger also discussed a service site called DeleteMe.Com that will facilitate users in deleting their presence on other sites and will provide information on privacy laws in multiple countries to better educate the users on their rights in relation to data privacy.

 

To listen to the full podcast, visit https://www.iheart.com/podcast/eddie-rocky-20799661/episode/rocky-and-rachel-12519-53509284/?fbclid=IwAR2zfrqzsSc8c08pB3-YOiBR6WH3k3jszEVWPJytlzSlnyvJ3qVihPD7j6c

Founder and CEO Featured as Identity Theft Expert on WLWT5

Founder and CEO Featured as Identity Theft Expert on WLWT5

On November 15, 2019, Cincinnati’s WLWT5 Investigates featured our Founder and CEO, E. Allan Hilsinger. Dan Griffin, Investigative Reporter, reached out to Hilsinger to be the identity theft industry expert in his segment “How Do You Control Your Digital Footprint.”

 

Transcript:

In today’s world, our personal information is easier than ever for anyone to access. Where you live, where you work, your phone number, and even information about your relatives is available for free.

 

So how do you control your digital footprint? WLWT talked with an identity theft expert to figure out ways to lessen your exposure. One of the most surprising things we learned is that you don’t need to use the internet for your data to live online. Just like footprints in the snow, your digital footprint can lead anyone right to your front door. With a simple click, a crook could cause devastating damage.

 

“There are 3.5 million searches on Google every minute. There are 4.3 billion posts on Facebook every day. All of that information is being stored and sold,” Allan Hilsinger said. Hilsinger is the founder and CEO of Cincinnati-based Guardwell Identity Theft Solutions. He said that that is one way your data can be exposed. Hilsinger also said massive data breaches put your information in a digital wild west.

 

“The 80-year-old lady that never gets online, that shreds all of her documents, that has never given her Social Security number to anybody, she doesn’t have a social media account,” he said. “She doesn’t post pictures. She’s virtually as unavailable online as anybody, anywhere. She still may have shopped at Target. She still could have a credit file with Equifax. She still could have gone to Home Depot during their breach.”

 

Your digital footprint lives online and it builds a picture of who you are, with your name, addresses, phone numbers, email addresses, social media presence and more.

 

Websites we found like FamilyTreeNow.com and TruePeopleSearch.com reveal that kind of information to anyone free of charge. Hilsinger said that makes it easy for someone to steal your identity.

 

“They might buy a house. They might get a job. They might buy a cellphone. They might have a medical procedure,” he said.

 

Hilsinger said that while you likely can never scrub your data from the digital world, you can remove it from some websites by looking for the “Frequently Asked Questions” or “Help” sections.

 

“And we get toward the bottom and we’re going to stop here. ‘How do I remove myself from this site?’ In the paragraph, there is a ‘click here’ button. Once I click on here, I am navigated to a page that gives me the exact instructions on how to remove my information from this website. So I don’t have to worry about this website being an issue for me any further,” he said.

 

He also said people should use their web browsers in private mode, should stop sharing their location on their devices and should disable cookies.

 

If you do think your identity may have been compromised, experts like Hilsinger and his employees can help you navigate what could be damaging situations.

 

“We all, every one of us, have a digital footprint. We have to have an understanding that the more digital that we want to be and we become, the more risk of exposure and identity fraud and identity theft that we have,” he said.

 

Hilsinger’s company provides protection for families, including children, which is why he said getting protection before problems happen is important. He said that children are just as vulnerable to their data being exposed, and even identity theft, because they also have digital lives.

 

Watch the complete segment at https://www.wlwt.com/article/wlwt-investigates-how-do-you-control-your-digital-footprint/29802124?fbclid=IwAR3r3d_nBjCTNQPlF-uuHLHZVDLsu21ryTPfPLYTuPH2nuDQHLEKxzmCSz8#

Keeping Your Holidays Happy and Fraud-free

Keeping Your Holidays Happy and Fraud-free

Yes, it’s that wonderful time of year. The holidays are quickly approaching … and at lightning speed! Will you be traveling to see family in the next few weeks? Or, maybe you’ll be skipping off to a great vacation instead of decking the halls? Whatever your plans are, having time off of work, fun with friends and family, and hopefully a few days of laziness … are wonderful to look forward to. But, when we are caught up in the excitement about buying those last-minute gifts (or sunscreen and new flip-flops), we need to remember that there are some other ‘things to do’ on our checklist to help keep our family and identities safe during this special time of year.

 

In addition to stopping the mail, finding that special neighbor with a green thumb to water your plants, and arranging for pet care for your fur babies, there are some pre-trip actions that you can take to help prevent identity theft from becoming a huge holiday memory. Just some small preventative measures, such as updating the operating system and antivirus software on your mobile devices, can go a long way toward fending off a few identity thieves. Below are some tips for what you can do before you leave home, as well as while you’re away and after your return.

 

Before you leave home:

– Password protect your devices and update operating systems

– Alert your bank(s) about your travel plans

– Visit your post office and put your mail on a vacation hold

– Keep the number of credit cards you travel with to a minimum and have copies of your driver’s license, medical id cards, passports and travel confirmation numbers at home in a safe place

– Turn off auto-connect Wifi and Bluetooth connections

– Consider adjusting your social media account settings so posts aren’t tagged with GPS data

 

While out of town:

– Avoid using public Wifi and even your hotel’s if at all possible

– Do not use public computers

– Keep your travel documents in a hotel safe

– Log out of websites on your smart phone and any websites if you bring a laptop or other device with you on your trip

 

Upon your return home:

– Consider changing passwords for your major accounts

– Thoroughly go through your account statements for any irregularities

– Check your credit report to make sure no new accounts were opened in your name while you were away

 

We hope you have a wonderful holiday vacation. If you suspect identity theft or fraud, please contact us immediately at 888.966.GUARD (4827) or email memberservices@guardwellid.com. Day or night, we’ve got your back and will always be open for you.

SIM Swap Attack – the New Hijack

SIM Swap Attack – the New Hijack

Imagine no texting, no service, and no data for a minute. Yikes! Halloween or not, the lack of being able to connect is a very scary thought and it can happen to any of us due to a tiny piece of plastic called a SIM card. There is a SIM (subscriber identity module) in every mobile device and it is what connects the user to a cellular network. Unfortunately, there is a wide-spread SIM swap hack that allows a thief to hijack your cell number.

 

Also known as a port out scam, simjacking, swim swapping, and SIM splitting … this latest scam can wreak havoc in all of your accounts associated with your mobile phone number. Everyone with a cell phone is at risk of this type of takeover. The PEW Research Center, a nonpartisan organization based in Washington D.C., reported this year that 96% of Americans have a cellular device and 92% of them go online daily. Considering that there are approximately 330 million Americans, that’s a pretty large target market from a hacking standpoint. No one is immune. A number of high profile attacks have occurred via Instagram and Twitter. The website wired.com reported that Twitter CEO Jack Dorsey’s own twitter account was hacked via this method this year.

 

What is a SIM Swap?

This type of scam is an account takeover fraud. It targets a weakness in two-factor authentication and two-step verification in which the second factor (step) is either a text message or a call placed to a mobile telephone. This is achieved by the fraudster impersonating the victim using personal details to appear authentic and claiming that they have lost their phone. The victim’s phone will then lose connection to the network and the fraudster will receive all the SMS and voice calls intended for the victim. This allows them to intercept any one-time passwords sent via text or telephone calls sent to the victim, and thus to circumvent any security features of accounts (such as bank accounts, social media accounts, etc.) that rely on text messages or telephone calls.

 

Damage from a SIM swap can have a snowball effect. Since the scammer would be armed with your login credentials, not only can they steal your money, take over your email and social media accounts, but they can lock you out of them all and open up a new cellular account in your name … or buy that new phone you’ve been eyeing for months but won’t have the joy of using yourself.

 

Is a SIM swap preventable?

No. It’s impossible to completely prevent someone from gaining access to your phone number through a SIM swap due to the fact that the scam requires no misstep on your part (such as clicking on a bogus link). All the scammer needs to do is convince your carrier that they are you and to transfer your phone number to their SIM. As described by Michael Grothaus with Fast Company, “There’s nothing inherently shady with doing a SIM card swap. If you lose your phone or your SIM card is damaged, for instance, you might go to a mobile carrier store or even call up customer service to have your number transferred to a new SIM.”

 

Even though you can’t prevent a swap from happening to you, there are ways to make it more difficult for a scammer. Grothaus suggests to use an authenticator app such as Authenticator by Google, Microsoft AuthenticatorLastPass Authenticator, and 1Password. A single authenticator app can handle all your authentication codes no matter how many different accounts you use.

 

Other courses of action you can do to help prevent a swap include:

– Limit the personal information you share online. Identity thieves will find information to answer the security questions you may have set up to verify your identity. For example, if one of your security questions is, “What is my high school mascot?” and you list your high school name on your Facebook account and that information is not on a private setting, it’s not difficult for a good sleuth to figure out your mascot’s name.

– Set up a PIN for your cellular account and do not share it with anyone.

– Do not reply to calls, emails and SMS messages that could be a phishing attempt to request your personal data. Make sure to read our blog “Accidentally Clicked on a Phishing Link – Now What” to get up-to-speed on phishing scams.

 

The Federal Trade Commission offers a few tips on what to do if you suspect that you’ve been swapped:

– First, contact your cellular service provider immediately to take control of your phone number. After you re-gain access to your phone number, change your account passwords.

– Check your banking, credit card and insurance statements for unauthorized charges or changes to your profile.

– Call your identity theft resolution provider. A Guard Well Member Services team professional is always on hand for you 24 hours a day, seven days a week and every day of the year … yes, even Halloween. There are enough tricks flying around. Here’s to receiving a treat this year!